This is an archive post from the Netsparker (now Invicti) blog. Please note that the content may not reflect current product names and features in the Invicti offering.
We have just updated Netsparker Enterprise, our online web application security scanner.
In this new update, we included a wizard to help first-time users add their first website to Netsparker Enterprise and launch a web application security scan. We also added support for late confirmation of web vulnerabilities: there are scenarios in which some vulnerabilities, such as blind and second-order ones, cannot be confirmed by the Netsparker Hawk testing infrastructure while the scan is running. Therefore, if a vulnerability is identified and confirmed after the scan has finished, you will be alerted about it via email.
In this update of Netsparker Enterprise, we also included a good number of crawler coverage, vulnerability detection, performance and UI improvements. Last but not least, we added new security checks for time-based Server-Side Request Forgery and insecure targets in Content Security Policy, added a markdown injection attack pattern to the XSS engine, and more.
For a complete list of what is new, improved and fixed in this month’s update of our dead accurate web application security scanner, please refer to the changelog.