Integrating Netsparker with other systems was one of the most requested features. We have tried to solve it by introducing the so-called Send To feature. The idea is similar to the Send to context menu item in Windows Explorer, where you right click a file and send it to one of the predefined targets such as Mail Recipient, Desktop, etc. In Netsparker, you can now right click a vulnerability in the Sitemap or Issues panel and send it to a bug tracking system like FogBugz. With this version we are shipping two Send To targets for the popular bug/issue tracking systems FogBugz and JIRA. One of the best parts of this feature is that it is extensible: you are free to add your own target system with a bit of coding. There is an API for this feature, and we also have a small tutorial to get you started.
HTTP Strict Transport Security (HSTS) is an opt-in security enhancement that a web application specifies through a special response header. Once a supported browser receives this header, it will prevent any communications from being sent over HTTP to the specified domain and will instead send all communications over HTTPS. If your web application uses HTTPS and doesn’t take advantage of HSTS (or has it misconfigured), Netsparker will report this. You can read more about HSTS on the ScanToSecure blog.
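As an added illustration (not Netsparker's code or its actual checks), here is a small Python audit of a response for the missing or misconfigured HSTS cases described above, following the header rules in RFC 6797. The function name `audit_hsts`, the finding strings and the sample responses are assumptions made for this example.

```python
import re

def audit_hsts(scheme, headers):
    """Return a list of findings; an empty list means no problem was found.

    scheme  -- "http" or "https": how the response was fetched
    headers -- list of (name, value) pairs as received
    """
    values = [v for k, v in headers if k.lower() == "strict-transport-security"]
    if scheme != "https":
        # RFC 6797: browsers ignore the header on plain-HTTP responses.
        return ["ignored: header sent over HTTP"] if values else []
    if not values:
        return ["missing: HTTPS response without Strict-Transport-Security"]
    findings = []
    if len(values) > 1:
        findings.append("multiple: browsers process only the first header")
    seen = {}
    for part in values[0].split(";"):
        name, _, val = part.strip().partition("=")
        name = name.strip().lower()  # directive names are case-insensitive
        if not name:
            continue  # tolerate empty segments such as a trailing ";"
        if name in seen:
            return findings + ["invalid: duplicate directive " + name]
        seen[name] = val.strip().strip('"')  # value may be a quoted-string
    if "max-age" not in seen:
        return findings + ["invalid: required max-age directive is missing"]
    if not re.fullmatch(r"[0-9]+", seen["max-age"]):
        return findings + ["invalid: max-age is not a non-negative integer"]
    if int(seen["max-age"]) == 0:
        findings.append("disabled: max-age=0 makes the browser drop the policy")
    return findings

if __name__ == "__main__":
    # Constructed sample responses, not captured from a real site.
    samples = [
        ("https", [("Strict-Transport-Security", "max-age=31536000; includeSubDomains")]),
        ("https", [("Content-Type", "text/html")]),
        ("https", [("strict-transport-security", "includeSubDomains")]),
        ("https", [("Strict-Transport-Security", "max-age=0")]),
        ("http", [("Strict-Transport-Security", "max-age=31536000")]),
    ]
    for scheme, headers in samples:
        print(scheme, headers, "->", audit_hsts(scheme, headers) or "OK")
```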
Sometimes it’s nice to have a proof of concept for issues like Cross-site Scripting. This new feature allows you to generate an HTML Proof of Concept file to exploit an XSS identified by Netsparker just by clicking the Generate Exploit button, so you don’t have to spend your valuable time on this.
Ask and you shall receive! We now include one of the most requested report templates. You can see if your scan has vulnerabilities that are listed in the OWASP Top Ten vulnerability list.
As of this version, Netsparker meets all the Windows 8 client app certification requirements and is officially entitled to use the Windows 8 Compatible logo.
Netsparker now keeps track of all responses and won’t run unnecessary checks more than once when the response is exactly the same. This is enabled by default and can be disabled using Advanced Settings.
On certain websites this will significantly decrease the CPU load and will improve the performance of the scan.
If you have a valid Netsparker Professional or Standard license then all you need to do is click "Help > Check for Updates" to update to Netsparker 2.5.