Frequently asked questions (FAQ)
You can find answers to your questions in our Knowledge Base. If you can't find an answer to your question, ask our consultants using the online chat or send a request using the support ticket system.
WEBGuard Web Application Scanning (WAS) uses the scalability of the cloud platform to search, list and check company web applications. The WEBGuard WAS service checks, analyzes web applications and identifies vulnerabilities that are dangerous for databases or can help bypass application access control tools.The WEBGuard® Web Application Scanning (WAS) is provided as a service and allows:
Discovers new and unknown web applications on the network. WEBGuard WAS helps reduce risk by automatically searching for official and "unofficial" applications that may be hidden in your network environment.
Saves time by allowing you to focus on what matters most. WEBGuard WAS is designed to reliably find a vulnerability without wasting time on false alarms. You can detect OWASP Top 10 risks such as SQL injections, cross-site scripting (XSS), cross-site spoofing (CSRF) and URL redirection - then priorities are set and you can focus on the issues that will have the most effect.
Automatically login to the test as a real user. Just enter your username and password; WEBGuard automatically detects forms of authorization and authentication, so the scan will work as if they were real users. Several authentication methods (including form, HTTP Basic, Digest and HTLM) ensure compatibility with a wide range of applications.
If you manage a large number of applications, you can have your own administrators, security staff, developers, managers and even auditors, all can use WEBGuard simultaneously. Each user can have his own record with access only to the resources and actions they need.
Integration of scan data into other security systems. A rich set of APIs allows you to use the scanning results of your web application.