Netsparker’s All New Online Web Application Security Scanner Netsparker Enterprise is Here

Read about the new features Netsparker Enterprise, the new online web application security scanner by Netsparker has and learn how your organization can leverage them to automatically identify vulnerabilities and security flaws in websites and web applications and ensure they are secure while saving on costs.

After a good number of months of late nights and endless supply of coffee, many beta testers and discussions about adding or removing specific features, we are happy to announce that Netsparker Enterprise, the new online web application security scanner is officially released and available for all of you. Netsparker Enterprise Interface

What is Netsparker Enterprise?

The name says it all; Netsparker Enterprise is an online web application security scanner built on top of AWS (Amazon Web Services), guaranteeing the best possible performance and scalability. You can scan hundreds or thousands of web application in just a few hours and all the results will be correlated, easy to access and act on. The service uses the already proven scanning technology of the desktop edition of Netsparker. Therefore we guarantee you that it will detect the most vulnerabilities, as shown in Shay Chen's last independent web vulnerability scanners comparison, and it reports no false positives.

Netsparker Enterprise Features Highlights

Another online web security scanner on the market? No, Netsparker Enterprise is different. It brings a lot to the table especially for large organizations who would like to ensure the security of hundreds and even thousands of websites and web applications. Netsparker Enterprise can also be used by small businesses, though as explained in this post it has a good number of features that help organizations ease the job of securing their web applications.

Easy to Use and False Positive Free

Even though easy to use products and false positive free web security scanning technology has become synonymous with the Netsparker brand, it is still very important to talk a bit about them and  to remind users and business owners how much their organization can benefit from such features.

Easy to Use Web Security Service

Web application security is not exactly a straightforward process, hence by using easy to use products you ensure that you and your team can focus on securing web applications and not figuring out how to use the tools.

Easily Scan Password Protected Websites

Once we are speaking about ease of use of security tools, allow me to show you how you can configure form authentication, so Netsparker Enterprise can scan a password protected area in your website. Most probably you have seen how it works with other tools, where you have to record a login macro, or contact support to configure it for you. With Netsparker Enterprise it is as simple as specifying the login form URL and username and password and the service will figure out everything by itself. Configuring Netsparker Enterprise to scan a password protected website If you are using Client Certificate, NTLM, Basic or Digest authentication simply tick the checkbox and specify the credentials. Yes it is that simple.

False Positive Free Web Security Scan Results

Every security professional will tell you that false positives are a big detriment in the web application security industry. If you use a tool that reports a lot of false positives that you have to manually verify, then what is the use of automating the process? Might as well audit the web application manually, which is of course an impossible feat considering the complexity and size of today's web applications. And we designed Netsparker’s scanning technology, which is used in both Netsparker Enterprise and Desktop with this in mind. Hence Netsparker Enterprise is a false positive free online web security scanning service.

Multi-User Platform

One of the biggest problems in the security process is bringing everyone to the speed, keeping developers responsible and having a good communication channel between security and developments teams good. Since it is a multi-user platform, Netsparker Enterprise allows teams in large organizations easily collaborate between them to ensure that all web applications are scanned and all identified vulnerabilities are closed down. Netsparker Enterprise is a multi-user platform that allows all team to collaborate There is no limit to how many users you can create for each account and the main account holder can configure different privileges for each created user, ensuring that every user only has access to what they need to do the job. Refer to Ease Collaboration and Improve Productivity with Netsparker Enterprise for more information on the multi-user feature.

Vulnerability Management To Ease Fixes

Netsparker Enterprise has a built in vulnerability management system which allows team members to assign vulnerabilities as tasks to others, thus ensuring everyone knows what needs to be done. Similar to a bug tracking system, this feature really helps in ensuring all vulnerabilities are remedied. Team members can assign vulnerabilities as task to developers so they can be fixed Once a vulnerability is marked as fixed Netsparker Enterprise will automatically scan the web application to ensure the fix. Should it not be fixed, the task will be automatically reassigned to the developer. Read Vulnerability Management and Remediation for more information on this handy feature. And if instead you would like to continue using your existing bug tracking system, that is fine as well as Netsparker Enterprise can be easily integrated with it.

Fully Configurable Web Security Scanning Service

Even though Netsparker Enterprise is an online service it is a fully configurable online web security scanning service. In terms of configuration it is the same as Netsparker Desktop, there are no limitations to the type of scan settings you can configure, or which scan policy or URL rewrite rules to use for a web vulnerability scan.

Easily Manage the Security of Many Websites

In Netsparker Enterprise you can create and use groups to group websites. By grouping websites you can configure specific scan  policies and settings that can be used to scan the websites, or scan a group of websites at the same time. Groups also allow you to easily get an overview of the security state of a number of websites in the group, rather than having to manually sift through thousands of scan results.

Integrate Web Security Scanning in Your SDLC

Integrating Netsparker Enterprise in your SDLC and Continuous Development is very easy and secure; an API token is used for each user and all type of actions such as launching a new web application security scan and getting the results of a scan can be triggered via the API. Detailed API documentation is available in Netsparker Enterprise.

Apply for a Netsparker Enterprise Trial

The above list is just an overview of what is new in Netsparker Enterprise. See for yourself how much time and resources your business can save when using Netsparker Enterprise to ensure the security of all websites and web applications. Apply for a Netsparker Enterprise trial and your region's product specialist will get in touch and sort out a free full trial.

We Would Like to Hear From You

As much as we are happy with this new release of Netsparker Enterprise, we are also excited with what lies ahead. Even though we are confident that Netsparker Enterprise has already raised the bar for online web application security scanners, we are sure that there is a lot that still needs to be done therefore we would like to hear from you. Go ahead and apply for a Netsparker Enterprise trial and let us know what you think of it. Visit the Netsparker Enterprise product page and Netsparker Enterprise benefits page  for more information about the features of Netsparker Enterprise and the benefits your business can take advantage of when securing web applications with Netsparker Enterprise.

About the Author

Ferruh Mavituna - Founder, Strategic Advisor

Ferruh Mavituna is the founder and CEO of Invicti Security, a world leader in web application vulnerability scanning. His professional obsessions lie in web application security research, automated vulnerability detection, and exploitation features. He has authored several web security research papers and tools and delivers animated appearances at cybersecurity conferences and on podcasts. Exuberant at the possibilities open to organizations by the deployment of automation, Ferruh is keen to demonstrate what can be achieved in combination with Invicti’s award-winning products, Netsparker and Acunetix.