Outpost24, a leader in vulnerability management solutions, today announced the launch of its Web Application Scanner, a product designed to address a critical security challenge facing organizations today. An extension of Outpost24’s OUTSCAN and HIAB solutions, Outpost24’s Web Application Scanner uniquely enables both internal and external scanning, allowing organizations to scan thousands of public and custom websites and web applications quickly and easily in order to identify vulnerabilities and their remedies.
According to recent research, vulnerabilities in web applications continue to be the most prevalent type of vulnerability affecting networks today. With this in mind, organizations need to address vulnerabilities on both the low-level web-server and the application layer. Outpost24’s Web Application Scanner automates the assessment of both the web server, as well pinpointing vulnerabilities in the bespoke web applications running on these servers.
“Politically motivated or otherwise, web attacks are a looming threat for organizations today, ” said Anders Persson, CEO of Outpost24. “Organizations need to focus their security efforts on defending their networks from both web server flaws, as well as the more high-risk and complex threats found within web applications, otherwise, they run the risk of leaving themselves vulnerable to attack. Hopefully, as this issue moves further into the media spotlight, organizations will come to realize the importance in safeguarding against it.”
Outpost24’s Web Application Scanner integrates easily with existing tools in order to provide unified reporting of both network and web vulnerabilities and requires no additional software to be downloaded or installed. Satisfying both compliance and internal security requirements the product seamlessly enables high speed scanning of systems, with average scan times taking under an hour. Other key features and benefits of Outpost24’s Web Application Scanner include:
- Advanced user definable scope setting such as IP ranges, URI seed lists, URI white lists, URI black lists and virtual hosts;
- Scan crawler can be tuned for maximum links, request delays, and custom transfer timeouts;
- New settings allow for many types of authenticated scanning such as; HTML form, NTLM, & HTTP basic authentication;
- Highly accurate detection of remote file include, local file include, command injection, code injection, format string issues, cross-site request forgery, and CRLF injection.
“As with all our products, we developed this new solution in response to feedback from our customers, ” continued Persson. “We wanted to provide our customers with even more thorough assessments in order to counter the next big security threat. Those who want to avoid the financial and reputational repercussions of a hacked website would do well to address this problem now.”
Vulnerability Management Made Easy. Outpost24's on-demand vulnerability assessment and management solutions are used by over 1,000 corporate and government customers, including Travelex, Delta Lloyd Group, ING Life Limited, University of Helsinki, and Banco Multiva. Outpost24 is headquartered in Sweden with a global network of local sales offices.
Outpost24 (outpost24.com) delivers security solutions in a Software-as-a-Service (OUTSCAN® & OUTSCAN PCI®) or Appliance (HIAB®) form factor. Outpost24’s solutions provide fully automated network vulnerability scanning, easily interpreted reports, and vulnerability management tools. OUTSCAN PCI® is the ideal tool for businesses of all sizes to achieve and demonstrate PCI DSS compliance.
Outpost24’s solutions can be deployed in a matter of hours, anywhere in the world, providing customers an immediate view of their security and compliance posture.