Complimentary 90-day, on-prem license available for entities involved in Covid19 response.

WAF Identifier Security Check

Category: Product Docs & FAQS - Last Updated: Wed, 19 Feb 2020 - by Selman Genc

In the Netsparker Standard 5.6 January 2020 Update, we introduced a new security check, the WAF Identifier Security Check. This new feature scans the application to determine whether there is a Web Application Firewall (WAF) enabled on the target website.

If your target website has an enabled WAF, this would both block Netsparker attacks that are conducted during scans and overall reduce the coverage of the scan.

The WAF Identifier security check is enabled by default. How it works is as follows. If Netsparker begins scanning and detects an enabled WAF, it displays a notification.

At that point, you can do one of two things. You can either stop the scan and disable the WAF, then start a new scan. Or, you can simply dismiss the warning.

For further information, see Security Checks and WAF Identifier Security Check. For further information on other features in the latest release, see Netsparker Standard 5.6 – January 2019 Update.

Netsparker

Keep up with the latest web security
content with weekly updates.