This blog post announces the October 2020 update for Netsparker On-Premises 1.9.1, highlighting integration with HashiCorp Vault and Travis CI, and Form Auth Custom Script Editor. Read More
This blog post announces the September 2020 update for Netsparker Standard 5.9. The highlights of this release are a signature limit for rewrite matched links, a crawling limit for Not Found links, a new WASC report template, an exclude authentication pages option, and new Out of Band vulnerability details. Read More
The Netsparker web application security scanner has an Application & Service Discovery service that enables you to account for all your online collateral. The Netsparker Enterprise On-Premises June 2020 Update introduced a new API support for this service to give you more options for its settings. Read More
The Netsparker web application security scanner integrates with many popular applications. The Netsparker Enterprise On-Premises June 2020 Update introduced a new integration with Mattermost. It is also available for the Netsparker Enterprise On-Demand edition. Read More
This blog post announces the June 2020 update for Netsparker Enterprise On-Premises. The new features of this release are integration for Mattermost, API support for the Discovery Service, and a SameSite Cookies security check. Read More
Anti-CSRF tokens protect against cross-site request forgery attacks. This article explains the basics of anti-CSRF tokens, including how to generate and verify them. It then describes anti-CSRF protection for specific forms and each request. Finally, it examines issues on CSRF protection, such Ajax, login and non-persisted tokens. Read More
With the April 2020 Update for Netsparker Enterprise, we added support for Universal 2nd Factor Authentication, so you can now use any compliant U2F device. This provides you with a defense against phishing attacks, strong security, and heightened privacy. Read More
Netsparker enables you to send email and SMS notifications. With the April 2020 Update for Netsparker Enterprise, we added the facility to configure notifications in the Update Notification window to email reports as attachments on the Scan Completed event, including to external recipients. Read More
This blog post announces the May 2020 update for Netsparker Standard 5.8. The highlights of this release are Pivotal tracker integration, a Mime type step for test website configuration, improved pre-request scripting API, a fragment parsing option, and a new SameSite Cookies security check. Read More
This blog post announces the April 2020 update for Netsparker Enterprise. The new features of this release are U2F Authentication, issue synchronization for Azure DevOps and ServiceNow integrations, form validation errors in the knowledge base and reports, CVSS 3.1 support, and email reports after a scan. Read More
Cross-site request forgery attacks (CSRF or XSRF for short) are used to send malicious requests from an authenticated user to a web application. Learn how CSRF attacks work and what we can do to prevent them. Read More
This blog post announces the March 2020 update for Netsparker Standard 5.7. The highlights of this release are form validation errors in the knowledge base, CVSS 3.1 support, and query-based navigation in the Scan Policy Editor. Other new features are three new security checks, hash crawling support and an improved BREACH Attack template. Read More
This blog post announces the February 2020 update for Netsparker Enterprise. The new features of this release are a new Sitemap tab in reports; new integrations for Freshservice, Splunk and YouTrack; API Technologies endpoints; a Pre-Request Script feature; a redesigned Scan Summary page; rearranged Security Check groups; and a What’s New panel. Read More
Netsparker will no longer support TLS 1.1 from 26 December 2019. This will affect all HTTPS traffic to Netsparker, including: software updates, the licensing process for Netsparker and vulnerability database updates. Netsparker requests that all users encountering issues should update their settings or contact Netsparker Support. Read More
This blog post announces the January 2020 update for Netsparker Standard 5.6. The new features of this release are WAF identification detection, license activation, new integrations, a new scan policy and report, a new login confirmation, and an auto export feature. Read More
This blog post announces the December 2019 update for Netsparker Enterprise. Highlights include a new Technologies feature, new issue tracking software integrations, new security checks, and new API Endpoint features. Read More
This blog post announces the November 2019 update for Netsparker Standard 5.5. The release highlights are a new Scan Search feature, new Security Checks, and new Web Application Firewall integrations. Other features include improvements to the Progress Panel and Form Authentication OTP support. Read More
This blog post announces the September 2019 update for Netsparker Standard 5.4. The release highlights are Custom Security Checks via Scripting and HMAC Authentication Support via Scripting. Other features include Web Cache Deception Security Checks, Manual Authentication and new Send To Actions integration. Read More
This blog post announces the September 2019 update for Netsparker Enterprise. Highlights are support for internal agents and bulk operations, and new issues tracking integrations and API endpoints. Other new features are support for data exporting, a technical contact change option, scan conversion options, and new malware technology. Read More
Netsparker Enterprise Account Executive Joe Gillespie is interviewed at Black Hat USA 2019 by Enterprise Security Weekly hosts. They discuss the challenges of security scanning, vulnerability management, automation, issue tracking, website discovery, and the latest news from Netparker. Read More
RESOURCES
USE CASES
WEB SECURITY
