May 2016 Netsparker Enterprise Update

Wed, 04 May 2016 - by Ferruh Mavituna

In this update of Netsparker Enterprise we introduced the new Scan Time Window feature and the ability to export the scan results as ModSecurity web application firewall rules.

This is an archive post from the Netsparker (now Invicti) blog. Please note that the content may not reflect current product names and features in the Invicti offering.

In this month's update of Netsparker Enterprise we introduced two new features that allow you as a user to:

Apart from the above in this May 2016 update of Netsparker Enterprise we also included some new checks for SQLite database files, Microsoft PST files, SVN and several others. We also improved the LFI security check and fixed a few bugs. For a complete list of what is new, improved and fixed please refer to the 20160504 Netsparker Enterprise update changelog.

About the Author

Ferruh Mavituna

Ferruh Mavituna is the founder and CEO of Invicti Security, a world leader in web application vulnerability scanning. His professional obsessions lie in web application security research, automated vulnerability detection, and exploitation features. He has authored several web security research papers and tools and delivers animated appearances at cybersecurity conferences and on podcasts. Exuberant at the possibilities open to organizations by the deployment of automation, Ferruh is keen to demonstrate what can be achieved in combination with Invicti’s award-winning products, Netsparker and Acunetix.

July 2016 Netsparker Enterprise Update - REST Support, SRI Security Checks and a New Reporting Tool

In this July 2016 update of Netsparker Enterprise we announce full support for REST APIs, therefore you can now automatically scan and find vulnerabilities in RESTful web services. We also introduced a new Reporting tool and implemented new security checks for Subresource Integrity (SRI), SameSite cookies attribute and more.

Are Your Web Applications Vulnerable to ImageTragick? Scan Them with Netsparker

Both the desktop edition and the online edition of Netsparker web application security scanner have been updated and can automatically detect the Remote Code Execution via file upload vulnerability in ImageMagick, which has been dubbed as ImageTragick.

Configure a Scan Time Window to Specify When a Website is Scanned

The Scan Time Window in Netsparker Enterprise allows you to specify when a target website can be scanned or not.

May 2016 Netsparker Desktop Update

In this Netsparker Desktop update for May 2016 we introduced a new feature that allows you to export the scanner's findings as ModSecurity web application firewall rules. We also improved and added some new web security checks.