This is an archive post from the Netsparker (now Invicti) blog. Please note that the content may not reflect current product names and features in the Invicti offering.
12th June 2013 – Netsparker announce the release of the third version of its popular and revolutionary false positive free web application security scanner Netsparker.
The new version of Netsparker allows you to identify security vulnerabilities in web applications more efficiently and faster at a much lower cost. The improved scanning engine and security checks allow you to identify more web application vulnerabilities than ever before.
“Netsparker version 3 is a natural evolution of its predecessors. We improved the scanning and exploitation engines to be able to detect more web security vulnerabilities and also improved the usability of the product by introducing new features such as the Scan Policy Editor” said Ferruh Mavituna, Netsparker CEO. “Netsparker users can be more specific when selecting which vulnerabilities to scan for thus saving time and bandwidth while being more productive.”
Netsparker Version 3 New Features Highlights
Reduced Web Security Scan Time and Improved Productivity
Netsparker version 3.0 sports a new Scan Policy Editor that allows you to build scan policies tailored for your web applications thus saving you time. When scanning a web application with a MS SQL backend database Netsparker will not launch security checks related to other database servers. This means less bandwidth is consumed and a shorter scan time.
Confirm your Payment Web Applications are PCI compliant
A new PCI compliance report template has been added in Netsparker 3.0. By generating a PCI compliance report once a web application security scanned is finished, it is easier than ever before to identify all the vulnerabilities that need to be fixed to ensure that your websites and web applications are PCI compliant.
Automate More of your Web Application Security Scans
This new version of Netsparker has a new and improved list of URLs to be excluded during a scan and allows you to specify more than 1 matching string or regular expressions. There is no more the need to reconfigure an excluded URL list for each different web application security scan.
More Detailed Information is Reported during a Web Security Scan
During a scan Netsparker compiles a list of must know facts about the scanned website and lists them under the new Knowledge Base node in the Site Map window. E.g. it will list all the different file extensions detected during a scan, list of external hosts identified on the target web application, list of MIME Types used etc.
Identify Vulnerable Versions of off the shelf Web Applications such as WordPress
Netsparker has a web application finger printing module which will automatically identify off the shelf web applications such as WordPress, Joomla and Drupal and will identify their version and report any known vulnerabilities and security issues.
Improved Scanning Engine that Detects more Vulnerabilities
The Netsparker scanning engine has been improved for version 3 so no stone is left unturned when scanning a web application. Several new web vulnerability checks have also been introduced while existing ones have been drastically improved. For a complete detailed list of what is new and what has improved in Netsparker version 3 refer to Highlights of the New Netsparker Version 3 Features and Improvements.
Netsparker is a young and enthusiastic UK based company. Netsparker is focused on developing a single web security product, the false positive free Netsparker Web Application Security Scanner. Founded in 2010, Netsparker is one of the leading web application security scanners and is used by world renowned companies such as Samsung, NASA, Skype, ING and Ernst & Young.
For more information please visit http://www.netsparker.com.