SUPPORT

Contact Support

OPEN A TICKET

Managing Authentication Verifier Agents in Netsparker Enterprise

You can download and install authentication verifier agents to verify that you run authenticated scans in your local environment.

  • To scan a website located on your internal network, and not accessible from the internet, you need to install and configure a scan agent on your network. The agent will conduct the actual scan job and then report the results back to Netsparker Enterprise.
  • If the website that you scan requires a form authentication, it is recommended that you download and install an authentication verifier agent. This internal agent helps perform the authentication so that you make sure that you run authenticated scanning in your network.

For further information about the internal authentication verifier, see Streamline authenticated scanning with Netsparker’s verifier agents.

This topic explains how to manage authentication verifier agents in Netsparker Enterprise. Downloading authentication verifier agent? See Installing Authentication Verifier Agents.

Manage Authentication Verifier Agents fields

This table lists and explains the fields in the Authentication Verifier Agents page.

Field

Description

Name

This is the name of the authentication verifier agent.

Launch Verification Date

This is the date when the authentication verifier agent was first available.

Last Heartbeat

This is the last time the authentication verifier agent communicated with the web application.

Auto Update Enabled

This is whether the Agent is configured to update itself when there is a new release.

Agent Version

This is the version number of the authentication verifier agent.

VdB Version

This is the Vulnerability Database Version running on the Authentication Verifier Agent.

Operating System

This is the operating system on which the Authentication Verifier Agent is installed.

Managing authentication verifier agents

This page lists authentication verifier agents installed on your machine. From this page, you can download the required files to install your verifier agents, delete your agents, and request agent logs.

How to access the Manage Authentication Verifier page
  1. Log in to Netsparker Enterprise.
  2. From the main menu, select Agents > Manage Verifiers.

Accessing verifier agent logs

The Netsparker Enterprise Authentication Verifier Agent stores the application logs in the Logs folder in the installation path.

The last three days’ logs can be downloaded from the Manage Authentication Verifier page. These logs are especially useful for troubleshooting.

How to access authentication verifier agent logs
  1. From the main menu, select Agents > Manage Verifier.
  2. Next to the relevant Agent, select the Command drop-down, then Request Agent Logs.

  1. From the Request Verifier Logs dialog, select Yes. Wait.
  2. In the Save As window, choose a location and select Save.

Then, Netsparker downloads the log to your preferred location.

Deleting authentication verifier agent using the UI

You can delete an authentication verifier agent using Netsparker Enterprise's user interface.

How to delete an authentication verifier agent using the UI
  1. Log in to Netsparker Enterprise.
  2. From the main menu, select Agents > Manage Verifiers.
  3. Next to the relevant agent, select Delete.
  4. From the Delete Agent dialog, select Yes, Delete to delete the verifier agent.
This action only deletes the agent from the user interface and stops the service in your machine. 

Verifying form authentication with a verifier agent

After the installation, you can use your agent to authenticate forms.

How to verify form authentication with a verifier agent
  1. Log in to Netsparker Enterprise.
  2. From the main menu, select Scans > New Scan.
  3. In the Target URL field, enter the URL.
  4. From the Scan Options section, select Form Authentication.
  5. Select the Form Authentication checkbox.

  1. In the Login Form URL field, enter the URL of the login form whose credentials you want to configure.
  2. In the Personas section, select New Persona. Then, enter a username and password.
  3. Select Verify Login & Logout so the verifier agent can test the login.
If there is more than one authentication verifier agent installed in your machine, Netsparker shows a drop-down to select the verifier agent you want to use.

If the Verify Login & Logout button is green, this means the Netsparker Enterprise Authentication Verifier Agent authenticated the login form successfully.

Scanning your website with an internal scan agent? See Defining and Scanning an Internal Website in Netsparker Enterprise.

Netsparker

Highly accurate, fast & easy-to-use Web Application Security Scanner

Get a demo