Technologies
The Technologies feature in Netsparker Enterprise finds and lists the technologies used in web applications. It tracks and reports on problems, such as whether any of the technologies are out-of-date or whether a specific version has any issues. Then it presents these technologies as a report and sends an instant notification to the responsible person.
Identified Technologies is available only in Netsparker Enterprise and is enabled by default. When disabled, Netsparker Enterprise still retains information on technologies discovered, but does not notify users.
Active Technologies
Netsparker Enterprise keeps a history of the technologies discovered during the Scan. In this way, Netsparker Enterprise can keep a track of whether the technologies are no longer used.
- If a technology has been detected and it is currently being used by the scanned web application, it is marked as 'In use'. It is reported and (if configured) a notification is sent.
- If Netsparker Enterprise records that a technology is present, but not being used anymore, it marks the technology as 'Not in use'. In this case, this technology is not reported and no notification is sent.
- A technology is considered 'out-of-date' if it does not have the latest version of the branch to which it belongs, or if the branch's development has stopped.
Fixed Technologies
Netsparker Enterprise detects when a technology with issues or an out-of-date version has been fixed, and calculates the fix time for that technology. If comparable scans have the same scan settings, Netsparker Enterprise draws the conclusion that a problem with the technology exists in a previous scan and not in a new scan, and assumes that the problem in that the technology has been fixed.
The Technologies Dashboard
The Technologies Dashboard displays charts that provide an overall, cumulative picture of the types and numbers of technologies detected in scanned web applications.
Area |
Description |
Technologies |
This is the number of detected technologies, including out of date ones, and issues. |
Active |
This is the number of active issues, including high and medium ones. |
Fixed |
This is the number of fixed issues. |
Most Identified Technologies |
This provides details of the versions of the most common identified technologies. |
Severity Trend |
This chart displays the increase or decrease of each Vulnerability Severity Level over time. |
Security Overview |
This doughnut chart shows the security level of the Targets scanned by Netsparker Enterprise. |
Issues |
This clustered column chart shows the number of Issues found, grouped by Vulnerability Severity Level. Move the mouse on each column to get more information on the specific vulnerability. For further information, see Viewing Issues in Netsparker Enterprise). |
Groups Drop-down |
At the top right of the window, there is a drop-down. Click to view the security status of all your websites or certain groups only. The options are:
For further information, see Website Groups in Netsparker Enterprise.
|
Out-of-date Technologies |
This section displays the Name, Identified Version, Issues and Usage (how many websites) of each item. |
Fix Time |
This displays the estimated fix time for that technology. |
How to View the Technologies Dashboard
- Log in to Netsparker Enterprise
- From the main menu, click Technologies, then Dashboard. The Technologies Dashboard is displayed.
- In the Most Identified Technologies section, click for details of versions. See the Technologies Dashboard table above for what can be viewed in the other areas of the window.
Recent Technologies
All detected technologies discovered in recent web application scans are displayed in the Recent Technologies window.
Recent Technologies Fields
This table lists and explains the columns in the Recent Technologies window.
Field |
Description |
Website |
This is the website on which the technology was found. |
Name |
This is the name of the technology. |
Identified Version |
This is the version number of the technology, as used on the scanned website. |
Latest Version |
This is the latest available version of the technology. |
Issues |
These are the numbers of issues detected on the website, grouped by colour into severity levels (see Vulnerability Severity Levels). |
Last Seen |
This is the date the technology was last detected on the website. |
Status |
This indicates whether the technology exists and is currently used for a website. The options are:
|
Notification |
This indicates whether notifications are enabled. |
Technology Detail Fields
This table lists and explains the fields in the Technology Details window (see How to View the Details of a Technology).
Field |
Description |
Name |
This is the name of the technology. |
Category |
This specifies the category to which the technology belongs. |
Official Site |
This is the technology's official website. |
Description |
This contains a brief description of the purpose and features of the technology. |
Website |
This is the website on which the technology was found. |
Identified Version |
This is the version number of the technology, as used on the scanned website, including whether this version is out-of-date. |
Latest Update |
This is the number of the latest version of the discovered technology. |
Status |
This indicates whether the technology exists and is currently used for a website. The options are:
|
Notification |
This indicates whether notifications are enabled. |
In addition, the Issues tab displays a list of known issues detected in the web application.
How to View Recent Technologies
- Log in to Netsparker Enterprise.
- From the main menu, click Technologies, then Recent Technologies. The Technologies window is displayed.
How to View the Details of a Technology
- Log in to Netsparker Enterprise.
- From the main menu, click Technologies, then Recent Technologies. The Technologies window is displayed.
- Next to the relevant technology, click Detail. The Technology Detail window is displayed.
- Click the Issues tab to view details of the issues.
- If this technology has already been detected on other websites during other scans, an additional tab will be displayed, Websites. Click for further details.
Technologies Notifications
A Technologies notification is triggered when the version database is updated. The Technology Version Database is updated periodically. And according to this new information, the Technologies are checked again. In the case of a version with an out of date technology, or other issue, a collective notification is sent for the website that has changed.
Notifications are enabled by default. You can configure notifications from the Manage Notifications window.
How to Enable and Disable Notifications for Technologies
- Log in to Netsparker Enterprise.
- From the main menu, click Technologies, then Recent Technologies. The Technologies window is displayed.
- Select the technologies for which you want to enable or disable notifications.
- Click Notifications, then Enable Notifications or Disable Notifications.
How to Disable Notifications for Out Of Date Technologies
- Log in to Netsparker Enterprise,
- From the main menu, click Notifications, then Manage Notifications. The Notifications window is displayed.
- In the Out Of Date Technology row, click Edit. The Update Notification window is displayed.
- In the Status field, click 'Enabled'. 'Disabled' is displayed instead.
- Click Save.
Viewing a Report on Detected Technologies
Once you have finished your scan, you can run a report on the detected technologies.
How to View a Report on Detected Technologies
- From the main menu, click Scans, then Recent Scans.
- Next to the relevant scan, click Report, then Show Dashboard. The Technologies section lists all detected technologies for this web application.
- Click Detail to view the Technology Detail window.