Web services are frequently used by organizations since they ease the communication between network and web based devices and application. Yet, even though they have become very popular their security is very often overlooked, hence posing a security threat to the organization's IT infrastructure.
Automatically crawl, scan and identify vulnerabilities in web services with Netsparker Web Application Security Scanner. Netsparker can scan the following type of web services:
Scanning a web service with Netsparker web vulnerability is as easy as scanning a web application; just point Netsparker to the web service's URL and click the Start Scan button.
Netsparker can also automatically identify web services within web applications, therefore if when scanning a web application Netsparker detects one, it will scan it as well.
Web services definition files (such as WSDL and WADL) do not necessarily have to be online. You can import an offline definition file from your disk to Netsparker and the scanner will parse it and automatically add the necessary requests to crawl it and scan it.
If web services are discovered during a web application vulnerability scan they will be reported in a knowledge base node. Read Scanning Web Services and Scanning RESTful web services for more detailed information on web services scanning.