Last week we applied a new major update to Netsparker Cloud, our online web application security scanning service. Below is an overview of what is new, improved and fixed in update 20160311.
The new Start a New Scan interface is more intuitive. You can configure every aspect of the web application security scan and the Scan Profile without having to scroll down through a long list of settings.
When you save the settings of web security scan as a Scan Profile in Netsparker Cloud, now you can tick the Shared checkbox so the Scan Profile is shared with all the Netsparker Cloud team members.
You can also configure a Primary Scan Profile for a website. Therefore each time you want to configure a new scan for that website, the Primary Scan Profile will be selected by default.
We also updated our existing SSL / TLS security check to issue an alert should their SSL / TLS implementation be vulnerable to the new DROWN SSL/TLS vulnerability, that essentially allows the attackers to break the encryption and read the communication. Refer to the DROWN vulnerability website for more details on the vulnerability.