This is an archive post from the Netsparker (now Invicti) blog. Please note that the content may not reflect current product names and features in the Invicti offering.
Last week we applied a new major update to Netsparker Enterprise, our online web application security scanning service. Below is an overview of what is new, improved and fixed in update 20160311.
New Start a New Scan Interface
The new Start a New Scan interface is more intuitive. You can configure every aspect of the web application security scan and the Scan Profile without having to scroll down through a long list of settings.
Scan Profiles Improvements
When you save the settings of web security scan as a Scan Profile in Netsparker Enterprise, now you can tick the Shared checkbox so the Scan Profile is shared with all the Netsparker Enterprise team members.
You can also configure a Primary Scan Profile for a website. Therefore each time you want to configure a new scan for that website, the Primary Scan Profile will be selected by default.
New & Improved Web Security Checks
We also updated our existing SSL / TLS security check to issue an alert should their SSL / TLS implementation be vulnerable to the new DROWN SSL/TLS vulnerability, that essentially allows the attackers to break the encryption and read the communication. Refer to the DROWN vulnerability website for more details on the vulnerability.
Other Netsparker Enterprise Improvements & Bug Fixes