“Netsparker is the best web application scanner we know of: It's affordably priced as a tier two scanner, but it is as accurate as a tier one scanner or better. And it has the lowest false positive rate we ever saw in the last 14 years with competing products. We can confirm that Netsparker is a very good reason to spend money and to replace any web application scanning tools you are using at the moment. That money will be quickly recovered.” Paolo Da Ros, CryptoNet, Italy.
CryptoNet is the oldest and most experienced information technology security company in Italy. They are a PCI Approved Scanning Vendor (ASV) and Qualified Security Assessor (ASV). Created in 1995, they have more than 20 years’ experience in the Information security industry. CryptoNet serves a variety of very large companies from all types of verticals, including government agencies in the Italian market. They also work with a number of customers based in Sweden, Switzerland and Spain.
Most of CryptoNet’s customers are a ‘natural’ target for hackers, such as governments agencies and their websites. Therefore, they have to identify them all; any critical weaknesses that are not identified and closed would result in a devastating blow to their professional reputation and to their customer’s reputation and business.
Years of Experience in Using Automated Web Security Scanners Have Led CryptoNet to Use Netsparker.
Netsparker’s Technology Allowed for More Man-Hours
Having to do penetration tests on very big and complex web applications, CryptoNet have been using automated web security tools since 2002. You can say they have tried them all; HP WebInspect, IBM Appscan, Cenzic and the lot. After working with all these tools, for the last few years CryptoNet settled with Netsparker web application security scanner. Thanks to its automated vulnerability confirmation technology Netsparker allowed the CryptoNet team to spend more valuable man-hours conducting manual tests and focusing on identifying more vulnerabilities, such as the logical ones.
Netsparker Allowed CryptoNet to Deliver More Advanced Web Penetration Tests
“We have been performing vulnerability assessments and penetration tests since 1995, and we are constantly looking at ways to improve our techniques and work practices. With a tool such as Netsparker, that automates all the automatable checks, when we now conduct manual tests we can spend more man-hours focusing on deeper research on the target application, thus identifying more vulnerabilities. And this is the only way to win the loyalty of our customers and keep our reputation in such a crowded market,” said Paolo Da Ros of CryptoNet.
Comparing Netsparker to Other Web Vulnerability Scanners
Netsparker has always fared very well when compared to other automated web vulnerability scanners, as highlighted again in the 2015 update of the web security scanners comparison. Though no one can explain it better than a customer who has more than a decade of experience using automated web security scanners.
“The UI is simple and clean. Netsparker provides very thorough scans that are easy to understand, and include well-made proofs of the vulnerabilities found during a scan. This results in saving time & money, instead of going around on a wild-goose chase. We now have a lower cost of remediation due to having almost zero false positives.”
And what about support? “It was great. They always gave us fast responses and helpful advice”.
CryptoNet was one of the first Italian companies to have considered the importance of information security in the age of Internet. This idea was incorporated in 1995 and this idea continues to be its reason for being. Even though many Italian companies who are active in the market of IT services are larger than CryptoNet very few, however can count on such an extensive experience. Over the years CryptoNet installed the first firewall in Italy, designed architectures for cryptographic smart cards and implemented dozens of public key infrastructures, IDS and IPS. CryptoNet also supports customers in complying with provisions of the law (Legislative Decree no. 196 / 03, 231/01, 262/05) and industry regulations such as PCI-DSS and ISO27001.