This is an archive post from the Netsparker (now Invicti) blog. Please note that the content may not reflect current product names and features in the Invicti offering.
We’re delighted to announce the release of Netsparker Standard 5.6. The highlights of this release are:
- A new WAF identification security check
- An alternative method of license activation
- New Send to Actions and WAF integrations
New Security Check
We have added a new security check – WAF Identifier Engine.
WAF Identifier Engine
This new security check detects whether the target website in a scan is using a Web Application Firewall that blocks Netsparker attacks, and warns the user about it.
For further information, see WAF Identifier.
We have added Netsparker Enterprise Integration to the License Required dialog. This enables the activation of a license using the Netsparker Enterprise Information that is stored in the Netsparker Enterprise tab in the Options dialog.
Netsparker Standard already has many integrations. The Netsparker Standard 5.6 Update has added several new integrations to the Send To and WAF tabs.
Send to Actions
Web Application Firewall
Integration is now also available for FortiWeb.
For further information, see Generating FortiWeb Web Application Firewall Rules from Netsparker, Issue Tracking Systems and Web Application Firewalls.
SANS Top 25 Report
The SANS Institute has developed the CWE (Common Weakness Enumeration) list of top 25 software security vulnerabilities. Netsparker Standard 5.6 has added a SANS Top 25 Scan Policy and report.
New Login Confirmation
The 5.6 Update has added a new login confirmation to ensure that Netsparker was able to acquire an authentication session after conducting the login sequence. This is in order to notify users in case of any failure due to changed credentials. In addition to this, Netsparker will confirm detected logouts from now on and will prevent any misleading logout detected notifications.
For further information, see Logs.
Auto Export Feature
Completed Netsparker Standard scans can be uploaded to Netsparker Enterprise. We have added an Auto Export feature that enables the automatic export of all old session files not previously uploaded to Netsparker Enterprise, when connected to its servers. This new option, 'Upload finished scans to Netsparker Enterprise automatically', is enabled in the Netsparker Enterprise tab in the Options dialog.
For further information, see How to Upload Finished Scans to Netsparker Enterprise Automatically from Netsparker Standard.
For a complete list of what is new, improved and fixed in this update, refer to the Netsparker Standard Changelog.