Accurate and trustworthy vulnerability testing results are the foundation of any web application security program, but raw data is only the starting point. To help you turn scan results into actionable insights, Netsparker provides extensive reporting functionality with clear dashboards, predefined reports, and configurable report templates. Armed with this data, you can monitor your security posture, satisfy compliance requirements, and deliver customized information to everyone who needs it.
The first page you see after logging in to Netsparker is the overview dashboard – your security management center. Here, you can see how many scans were launched, how many vulnerabilities Netsparker identified, and how many issues remain unfixed. You also get aggregated views of vulnerability trends and severities along with vital metrics such as average time to fix, providing a clear view of your current security posture and remediation progress. A similar dashboard is also available at website level to show the security status of individual scan targets.
Demonstrating web application compliance with various security standards and best practices is crucial in many industries. To help you prepare vulnerability reports for common web security compliance requirements, Netsparker comes with a host of predefined compliance checks and reports, including PCI DSS, OWASP Top 10, and HIPAA. While these are provided for information only, Netsparker has also teamed up with a PCI Approved Scanning Vendor (ASV) to offer customers the option to run a PCI DSS scan and get an officially approved PCI compliance report without leaving the product.
You can select the level of reporting detail and aggregation that best suits the report users. To give a non-technical overview of the current vulnerability status for a single website or application, generate the executive summary report from the latest scan to show the number and impact of active issues. For more strategic statistical reporting, you can customize reports according to time period, minimum severity, and website groups, among other criteria. You can also generate comparison reports to automatically compare two or more scan reports and identify trends.
When you need detailed technical information about a specific scan, you can export all the scanning data generated by Netsparker into a scan report. The report contains complete information about each vulnerability that was found, including confirmation status, issue location, vulnerability impact, and remediation guidance. For additional insights into the crawling and scanning process, you can export a knowledge base report that includes details such as crawling performance, slowest pages, out-of-scope links, and pages with inputs.