Netsparker's Web Application Security Blog

Non Profit Organization Uses Netsparker to Identify Vulnerabilities in Always Changing Custom Web Applications

Category: News - Last Updated: Mon, 22 May 2017 - by Ferruh Mavituna

In this case study, a member from the IT Operations & Security team explains how easy it was to use Netsparker and start the process of identifying and closing down vulnerabilities and security holes in the always evolving custom made web applications used by the international non profit organization New Tribes Mission. Read this full case study to see why many web security professionals choose Netsparker as their web vulnerability scanner of choice. Read More

New Improved Netsparker 3.1.4 is Available for Download

Category: Releases - Last Updated: Fri, 29 Nov 2013 - by Huseyin Tufekcilerli

A new version of Netsparker Web Application Security Scanner is available for download. This version 3.1.4 of Netsparker includes several improvements to the user interface to ease the process of configuring the scanner, and also includes several bug fixes. For more details about this new build of Netsparker read this blog post. Read More

The Wait is Over, Netsparker 3.1 is Here with Full HTML5 Support

Category: Releases - Last Updated: Thu, 26 Oct 2017 - by Ferruh Mavituna

Netsparker Version 3.1 is a major version update. With this version of the false positive free web application security scanner Netsparker, users can scan and identify security issues in HTML5 web applications. This new version of Netsparker also includes a number of new security checks for Web 2.0 web applications, can inject JSON and XML HTTP requests, reports much more information about the target web application and much more. Read this post for a complete detailed list of what is new and improved in Netsparker 3.1 Read More

Netsparker Web Application Security Scanner Fully Supports HTML5

Category: News - Last Updated: Wed, 20 Nov 2013 - by Ferruh Mavituna

Press Release | Netsparker Ltd announces the latest version of their web vulnerability scanner that allows organizations to automatically scan HTML5 web applications and launch more advanced attacks against modern dynamic web 2.0 applications. For more details about all of the new features in Netsparker Web Application Security Scanner version 3.1 read this press release Read More

New Netsparker 3.1 is Available for Download

Category: Releases - Last Updated: Wed, 20 Nov 2013 - by Robert Abela

An overview of Netsparker Web Application Security Scanner Version 3.1 - Full HTML 5 web application support, new security checks for Web 2.0 web applications, automatic CSRF vulnerability detection, detailed analysis of target web applications and much more. Read More

Morneau Shepell Secures More Than 600 Websites Without an Army of Penetration Testers

Category: News - Last Updated: Mon, 22 May 2017 - by Ferruh Mavituna

An International Pension and Benefits Company called Morneau Shepell uses Netsparker to automatically scan over 600 websites a month. In this Netsparker case study we will see how Morneau Shepell managed to automate the scanning of all these web applications without involving an army of penetration testers and web security experts. Only with an easy to use tool such as Netsparker all this can be achieved. Read More

PCI Compliance - The Good, The Bad, and The Insecure

Category: Web Security Readings - Last Updated: Mon, 22 May 2017 - by Alex Baker

In this first part of a two part article about PCI compliance and web application security, the author looks into the history of compliance, rules and regulations and explores the common shortcomings of such rules. The author also explains why there are such shortcomings and explains that by being compliant, does not necessarily mean having secure web applications. Read More

Top 10 Mistakes when Performing a Web Vulnerability Assessment

Category: Web Security Readings - Last Updated: Mon, 22 May 2017 - by Robert Abela

In Information Technology there are numerous mistakes, oversights, and blunders that are repeated consistently day after day. But given what there is to lose when it comes to web application security, why not learn from the mistakes of others so you don’t get burned? This blog post lists the top 10 mistakes typical web application security experts do and that you need to be aware of when seeking out the real business risks in your web vulnerability assessments: Read More

ING EURASIA IT Audit Team Chooses Netsparker to Detect Web Application Vulnerabilities

Category: News - Last Updated: Tue, 10 Sep 2013 - by Ferruh Mavituna

ING Bank IT security team needed an easy to use and automatic web application security solution. In this case study they explain why Netsparker was the obvious choice; because it is an easy to use web application security scanner that penetration testers can use without the need to spend hours configuring it. Read the full case study to find out more about the benefits Netsparker customers such as ING Bank enjoy by choosing Netsparker. Read More

14 Years of SQL Injection and still the most dangerous vulnerability

Category: Web Security Readings - Last Updated: Thu, 22 Aug 2013 - by Netsparker Security Team
14 Years of SQL Injection and still the most dangerous vulnerability

This is the first of a two part article about SQL Injection vulnerability. In this first part of this web security article, Alex Baker looks into the history of SQL Injection to tries to determine why after 14 years since its discovery, SQL Injection is still the most widely exploited web application vulnerability these days. Read More

Getting developers on board to transition from part of the problem to part of the process

Category: Web Security Readings - Last Updated: Mon, 22 May 2017 - by Robert Abela

Are your web application developers key players in the web application security equation? They are often the unsung heroes who help prevent many security problems from ever occurring, or closing down web vulnerabilities once identified. Yet in the real world they are often portrayed as a large part of the security problem. It doesn’t have to be that way. Read More

Oakland University uses Netsparker to Protect its Web Applications from Hacker Attacks

Category: Web Security Readings - Last Updated: Mon, 22 May 2017 - by Ferruh Mavituna

Netsparker Case Study | In this case study Oakland University's security staff explain how Netsparker Web Application Security Scanner helped them identify web vulnerabilities in the always changing custom web applications. They also explain how important it is for them to have an easy to use web vulnerability scanner such as Netsparker to help all the team increase the visibility into the security of web applications. Read More

Should you pay for a Web Application Security Scanner?

Category: Web Security Readings - Last Updated: Wed, 13 Sep 2017 - by Robert Abela

If you ask 10 web security specialists which is their favorite web vulnerability scanner, most probably you will get 30 different answers. Digging deeper you will also find that while some prefer to use free tools, several others prefer to rely on a commercial web vulnerability scanning solution. This web security blog post highlights the differences between free web security tools and commercial web application security scanners. Read More

Web Application Security Testing should be part of QA Testing

Category: Web Security Readings - Last Updated: Mon, 22 May 2017 - by Robert Abela

Web vulnerability scanning should form part of the normal QA process when developing web applications to ensure that a business develops and releases secure web applications. Unless project managers start classifying security vulnerabilities and other web application security issues as normal functionality bugs, web developers will keep on developing vulnerable web applications. Read More