Create Compliance, Management and Other Professional Reports

Finding and confirming security vulnerabilities is only part of the story. You also need to visualize the vulnerability yourself, keep track of the security state of the target web application, and share your security findings with colleagues, developers and management. With Netsparker Web Application Security Scanner you can generate professional reports, as well as design your own custom reports.


Once a web application security scan is complete, results may be output to professional reports using rich report templates such as Detailed Scan Report, Comparison Report and OWASP Top 10 Report.

Management can also produce comparison and trending reports to get a good overview of the security progress of a web application or a specific project, or generate PCI compliance reports to ensure that the target web application is PCI compliant.

Reports can be exported to common file formats such as HTML and PDF.

Developers and Analysis Reports

Other reports, such as Scan URLs List, Vulnerability List and Crawled URLs List, can also be generated with Netsparker. Such reports are typically used for analysis and by developers, so they can be exported in CSV and XML formats and easily imported by tools used in the SDLC.

Custom Reporting API

Should you wish to create your own reports, you can use Netsparker's Reporting API, which supports C# scripting. Netsparker also ships with a sample report which can be used as a base template and customized to meet your reporting requirements.

Customize the Scan Results and Reports

You can use Netsparker's Report Policies to customize the way the scanner presents the findings of the web security scan, both in the scan results and in the reports. By tailoring the scan results to match your organization's security policies, the fixes will be applied in a timely and organized manner, ensuring a strong security posture of all your web assets.

Extensive Logging

Netsparker logs all of the actions taking place during a web application security scan. For example, it can log all of the HTTP requests and responses, all identified vulnerabilities and other scan-related data.
