Netsparker 3 Makes Web Application Security Easier and Affordable

Press Release | Netsparker announces Netsparker Web Application Security Scanner version 3.0. The new version of Netsparker reduces the web security scan time to enable you to improve productivity, it confirms your payment web applications are PCI compliant, and helps you automated much more of your web application security scanning.

 12th June 2013 – Netsparker announce the release of the third version of its popular and revolutionary false positive free web application security scanner Netsparker.

The new version of Netsparker allows you to identify security vulnerabilities in web applications more efficiently and faster at a much lower cost. The improved scanning engine and security checks allow you to identify more web application vulnerabilities than ever before.

“Netsparker version 3 is a natural evolution of its predecessors. We improved the scanning and exploitation engines to be able to detect more web security vulnerabilities and also improved the usability of the product by introducing new features such as the Scan Policy Editor” said Ferruh Mavituna, Netsparker CEO. “Netsparker users can be more specific when selecting which vulnerabilities to scan for thus saving time and bandwidth while being more productive.”

Netsparker Version 3 New Features Highlights

Reduced Web Security Scan Time and Improved Productivity

Netsparker version 3.0 sports a new Scan Policy Editor that allows you to build scan policies tailored for your web applications thus saving you time. When scanning a web application with a MS SQL backend database Netsparker will not launch security checks related to other database servers. This means less bandwidth is consumed and a shorter scan time.

Confirm your Payment Web Applications are PCI compliant

A new PCI compliance report template has been added in Netsparker 3.0. By generating a PCI compliance report once a web application security scanned is finished, it is easier than ever before to identify all the vulnerabilities that need to be fixed to ensure that your websites and web applications are PCI compliant.

Automate More of your Web Application Security Scans

This new version of Netsparker has a new and improved list of URLs to be excluded during a scan and allows you to specify more than 1 matching string or regular expressions. There is no more the need to reconfigure an excluded URL list for each different web application security scan.

More Detailed Information is Reported during a Web Security Scan

During a scan Netsparker compiles a list of must know facts about the scanned website and lists them under the new Knowledge Base node in the Site Map window. E.g. it will list all the different file extensions detected during a scan, list of external hosts identified on the target web application, list of MIME Types used etc.

Identify Vulnerable Versions of off the shelf Web Applications such as WordPress

Netsparker has a web application finger printing module which will automatically identify off the shelf web applications such as WordPress, Joomla and Drupal and will identify their version and report any known vulnerabilities and security issues.

Improved Scanning Engine that Detects more Vulnerabilities

The Netsparker scanning engine has been improved for version 3 so no stone is left unturned when scanning a web application. Several new web vulnerability checks have also been introduced while existing ones have been drastically improved. For a complete detailed list of what is new and what has improved in Netsparker version 3 refer to Highlights of the New Netsparker Version 3 Features and Improvements

About Netsparker

Netsparker is a young and enthusiastic UK based company. Netsparker is focused on developing a single web security product, the false positive free Netsparker Web Application Security Scanner. Founded in 2010, Netsparker is one of the leading web application security scanners and is used by world renowned companies such as Samsung, NASA, Skype, ING and Ernst & Young.

For more information please visit

About the Author

Ferruh Mavituna - Founder, Strategic Advisor

Ferruh Mavituna is the founder and CEO of Invicti Security, a world leader in web application vulnerability scanning. His professional obsessions lie in web application security research, automated vulnerability detection, and exploitation features. He has authored several web security research papers and tools and delivers animated appearances at cybersecurity conferences and on podcasts. Exuberant at the possibilities open to organizations by the deployment of automation, Ferruh is keen to demonstrate what can be achieved in combination with Invicti’s award-winning products, Netsparker and Acunetix.