Comparison Report

The Comparison Report in Netsparker Standard enables you to compare two or more scan reports.

  • This helps you to track changes in your web applications.
  • You can compare scan sessions conducted at different times, using either the currently active scan session or previously completed scans (stored by default in C:\Users\[username]\Documents\Netsparker\Scans).

  • Netsparker displays the results chart, so you can gain an overview of how the security state has evolved over time and whether previously detected vulnerabilities have been fixed.
  • This report is ideal for non-technical roles, such as executives and managers.
  • Currently, only the Netsparker Standard edition allows you to generate a Comparison Report. You can access a report with similar information in Netsparker Enterprise (see Trend Matrix Reports).

Click to view a sample Comparison Report.

For further information, see Overview of Reports, Report Templates and Built-In Reports.

Severity Trend

This chart allows you to view how the number of vulnerabilities and their Vulnerability Severity Levels have changed over time.

Vulnerability Summary

This section summarizes each discovered vulnerable URL and categorizes the findings by severity. For example, a vulnerability that Netsparker rates as Critical requires immediate attention.

This table lists and explains the columns in the Vulnerability Summary.

| Column | Description |
|---|---|
| CONFIRM | This shows whether Netsparker has verified a vulnerability. |
| VULNERABILITY | This displays the name of the issue and provides a link to a detected issue that attackers can exploit. |
| METHOD | This is the HTTP method of the request in which Netsparker sent the payload. It demonstrates what Netsparker deployed in order to identify an issue. |
| URL | This is a reference to a resource that contains the issue. |
| PARAMETER | This is the variable used to identify the issue. |
| Date and Time | This shows when a scan was run. |

  • New: This indicates that this issue has been identified for the first time.
  • Not Existing: This indicates Netsparker had not found this vulnerability in previous scans but identified it in the new scan.
  • Not Fixed: This indicates the vulnerability has not been fixed.
  • Fixed: This indicates the vulnerability has been fixed.
  • Revived: This indicates that the issue had been fixed in previous scans but has reappeared.

How to Generate a Comparison Report in Netsparker Standard

  1. Open Netsparker Standard.
  2. From the ribbon, select the File tab. Local Scans are displayed. Double-click the relevant scan to display its results. (This will be the first scan you want to add to the report.)
  3. From the Reporting tab, click Comparison Report. The Save Report As dialog box is displayed, prompting you to save the report in your preferred location.
  4. Select a save location and click Save.
  5. The Export Report dialog is also displayed at this point, with the Path field already populated from the previous dialog.
  6. From the Export Report dialog, you can decide on:
     • Policy: Select the default policy or customized policy report(s) (see Custom Report Policies).
     • Format: Select HTML and/or PDF format.
     • Vulnerability Options (select one or all):
       • Export Confirmed: When selected, the report will include confirmed vulnerabilities.
       • Export Unconfirmed: When selected, the report will also include unconfirmed vulnerabilities.
       • Export All Variations: When Netsparker identifies a passive or Information level issue on more than one page, it does not show all of these variations in the report. Enable or disable this option to change this behavior.
     • Open Generated Report: When selected, your report(s) will be shown when you click Save.
  7. Click Save. The Select Session Files to Compare window is displayed, prompting you to add more than one previously completed scan.
  8. Click OK to generate your report.

How to Generate the Comparison Report in Netsparker Standard without Starting a New Scan

  1. Open Netsparker Standard.
  2. From the Reporting tab, click Comparison Report. The Save Report As dialog box is displayed, prompting you to save the report in your preferred location.
  3. Select a save location and click Save.
  4. The Export Report dialog is also displayed at this point, with the Path field already populated from the previous dialog.
  5. From the Export Report dialog, you can decide on:
     • Policy: Select the default policy or customized policy report(s) (see Custom Report Policies).
     • Format: Select HTML and/or PDF format.
     • Vulnerability Options (select one or all):
       • Export Confirmed: When selected, the report will include confirmed vulnerabilities.
       • Export Unconfirmed: When selected, the report will also include unconfirmed vulnerabilities.
       • Export All Variations: When Netsparker identifies a passive or Information level issue on more than one page, it does not show all of these variations in the report. Enable or disable this option to change this behavior.
  6. Click Save. The Select Session Files to Compare window is displayed, prompting you to add more than one previously completed scan.
  7. Click OK to generate your report.

Netsparker Standard compares scan results based on date and time, and creates a chronological report.
