Vulnerability analyzers offer Web scanning as an option

Web scanning is different from vulnerability scanning because it looks for bugs in the Web apps themselves, rather than in the software installed on the Web server. For example, all of the vulnerability scanners told us about an old embedded system on our network vulnerable to a cross-site scripting attack because of an old version of PHP.

That's just normal vulnerability scanning, and depending on your Web applications and Web server settings a scanner may turn out a lot of false positives. But actually finding an exploitable script on a website requires a more intense search, coming in from the outside, and a more specialized type of scanner.

Do you know where your security holes are?

Typically, Web scanning includes some type of data loss prevention features (looking for identity information on Web pages), information disclosure scans (looking for entire directories that are available), cross-site scripting and SQL injection detection, and, of course, known vulnerability scanning in common Web applications.

FusionVM, McAfee MVM and QualysGuard VM all include Web scanning as an option (sometimes separately licensed) in their existing scanners, while eEye offers a separate product, Retina Web, focused on Web application scanning.

As we evaluated the different vulnerability analyzers, we kept looking for IPv6 support. Most of them don't even mention it, with SAINT being the lone exception. SAINT doesn't support IPv6 everywhere yet, but it's the closest product to being IPv6-ready in the set we tested.

Read more about wide area network in Network World's Wide Area Network section.

Join the CSO newsletter!

Error: Please check your email address.

Tags mcafeeweb scanningsecurityendpoint security

More about etworkHewlett-Packard AustraliaHPLANMcAfee Australia

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Joel Snyder

Latest Videos

More videos

Blog Posts