DISCOVER AND ASSESS RISK OF THOUSANDS OF CORPORATE WEBSITES – Find web applications vulnerabilities in staging and production
Veracode Web Application Scanning (WAS) offers a unified solution to discover, test and monitor all of your applications — not just the ones you know about. To manage the risk of applications in production, Veracode discovers and inventories your external web applications, then performs a lightweight, production-safe scan on thousands of sites in parallel to help you prioritize your biggest risks. For greater risk reduction, you can run
authenticated deep scans on critical applications. In development, you can use Veracode WAS in staging or QA to detect vulnerabilities. In addition, Veracode offers multiple scanning technologies on a single platform, so you get unified results and analytics, plus increased accuracy.
Veracode WAS uses lightweight crawling, domain brute forcing, integrated web searches and other unique approaches to identify more applications than network-based scanning. In fact, Veracode consistently finds 30
percent to 40 percent more websites than companies originally thought they had. As a result, our customers often shut down old and unused websites to reduce costs and risk.
Veracode WAS also identifies architectural weaknesses and vulnerabilities in your running web applications from the outside in. Veracode finds vulnerabilities before cybercriminals can exploit them by crawling the attack surface using the same approach as cybercriminals, such as deliberately supplying malicious data to input fields of web forms and shopping carts.
The Veracode Platform is home to major application security technologies, including static and dynamic analysis as well as software composition analysis, which identifies the risk of open source components. Veracode WAS complements Veracode Static Analysis by performing an outside-in approach to uncovering vulnerabilities. When you scan with both, you’ll benefit from increased breadth and accuracy, as well as consistent reporting and policy management.
Scan public-facing websites directly from our cloud-based platform, and use Veracode Virtual Scan Appliance to test
your internal applications.
This video below is about Veracode Web Application Scanning Product Overview by E-SPIN that will give you more information regarding this product.
For those who can not join us for the session, please see the summary and highlight clip for the event.
E-SPIN recently run a Veracode Web Application Scanning what’s new session cover what new for new user and existing users.
Feel free to contact E-SPIN for solution, product and project requirements.
