Netsparker uses a wide range of security checks during a scan to test for issues and vulnerabilities. Some are default while others can be modified or deleted. Since the number of hacks and vulnerabilities grows continuously, Netsparker web application security scanner must regularly add to its total list of security checks. In the recent Netsparker Standard 5.5 November 2019 Update, we have added BREACH Attack to our list of security checks. BREACH Attack (Browser Reconnaissance & Exfiltration via Adaptive Compression of Hypertext) is a Medium Severity Level vulnerability and occurs in SSL/TLS protected connections. Attackers can use it to view a victim’s encrypted traffic and steal information from a website. In Netsparker Standard, the BREACH Attack security check is enabled by default. It can be disabled and requires no additional settings.
For further information, see Security Checks and BREACH Attack. For further information on other features in the latest release, see Netsparker Standard 5.5 – November 2019 Update.