This is an archive post from the Netsparker (now Invicti) blog. Please note that the content may not reflect current product names and features in the Invicti offering.
Even though web services are the de facto standard for enterprise application integration, there are not good enough security tools available to help security professionals and developers alike secure them. Netsparker addresses this issue and integrates a web services vulnerability scanner within their popular false positive free web vulnerability scanner.
21 January 2014, London – Netsparker Ltd today announced version 3.2 of Netsparker Web Application Security Scanner, a leading web vulnerability scanner that helps organizations from all around the globe keep their web applications and web services secure.
With this new version of Netsparker web security professionals can automatically identify vulnerabilities and web security issues within web services. Launching a vulnerability scan against a web service is as simple as launching a vulnerability scan against a web application, by simply entering the URL and click the Start Scan button.
“Web services form a vital part of most web infrastructures, yet at the moment there aren’t many appropriate security tools available to help security professionals and developers build secure web services” explained Ferruh Mavituna, CEO of Netsparker. “We built the web services scanner into Netsparker to help organizations automatically secure their web services without the need to look for and learn how to use new and complicated security tools.“
Feature Highlights of Netsparker 3.2
Web Services Security Scanner
Any security professional can use Netsparker to automatically identify vulnerabilities and security issues within a web service. The new version of Netsparker also supports Hybrid Scanning; if a web service is identified within a web application it will start scanning the web service within the same scan.
New Request and Response Viewers for a Better Insight
To help web security professionals and developers get a better insight of today’s complicated web applications and secure them properly, the new version of Netsparker is shipped with the all new Request and Response viewers, which can also render JSON and XML documents in tree views.
New Web Application Vulnerability and Security Checks
The new version of Netsparker Web Application Security Scanner also includes a number of new security checks for web applications and web services to ensure that no stone is left unturned during a web vulnerability scan.
Other Netsparker 3.2 New Features and Improvements
- New Knowledge Base node for AJAX / XML HTTP Requests
- New value matching options for form values
- Improved XSS vulnerability confirmation to ensure false positive free web security scans
- Improved generic source code disclosure security checks
For more details about all the new features and improvements in Netsparker 3.2 refer to the Netsparker 3.2 Features Highlights document.
Netsparker Pricing and Availability
Netsparker 3.2 starts at $1,950 and is licensed per seat per year. It is available through Netsparker Ltd and through all its resellers. More information about Netsparker is available at https://www.invicti.com
Press Contact: firstname.lastname@example.org
Netsparker Ltd is a young and enthusiastic UK based company. Netsparker is focused on developing a single automated web security product, the false positive free Netsparker Web Application Security Scanner. Netsparker management and engineers have more than a decade of experience in the web application security industry that is reflected in their product, Netsparker. Founded in 2009, Netsparker’s automated web vulnerability scanner is one of the leading security tools and is used by world renowned companies such as Samsung, NASA, Skype, ING and Ernst & Young.