“Improving web application security requires a comprehensive, risk-based approach that puts web application risks in context of overall security risk. IT security teams need tools that allow them to determine the criticality of the application and the severity of defect to determine risk priorities.”
The new version of WebApp360 detects a wide variety of both XSS and SQL injection attacks through expanded coverage of critical web applications, improved ease of use, and faster, more comprehensive scans. WebApp360 allows enterprises to automatically and continuously detect critical web application vulnerabilities and place them in context of overall IT risk enabling security teams to focus resources on the tasks that will have the greatest impact on security.
“Web application flaws are one of the fastest growing categories of vulnerabilities so it’s no surprise that web application security incidents are becoming increasingly common and expensive for companies of every size,” said Lamar Bailey, director of security research and development for nCircle. “Improving web application security requires a comprehensive, risk-based approach that puts web application risks in context of overall security risk. IT security teams need tools that allow them to determine the criticality of the application and the severity of defect to determine risk priorities.”
Expanded Content Management System Coverage
WebApp360 now detects two of the most popular content management systems; WordPress and Joomla. Over 54% of all websites that employ a content management system use WordPress and Joomla has ranked in the top three content management systems for the last three years. WebApp360 allows administrators to find all outdated or vulnerable versions of WordPress and WordPress plug-ins as well as Joomla installations.
Vulnerability detection for WordPress is available now and will be available soon for Joomla.
Client-side Web Application Library Detection
Automatic Detection of Virtual Hosts
WebApp360 now automatically detects virtual hosts served by webservers across multiple domains, including those that are unknown. Comprehensive virtual host discovery results in more complete and accurate network scan results as well as the ability to detect unapproved servers.
Information Disclosure Detection
Webpages often reveal critical information to attackers, including default webserver configurations such as insecure HTTP methods and unintentionally enabled debugging features. WebApp360 now discovers and reports this information so preventative measures can be taken.
WebApp360 utilizes IP360’s market leading scalability, manageability and vulnerability coverage. Together, WebApp360 and IP360 offer customers an unprecedented, prioritized view of IT risk from web applications to the IT infrastructure that supports them. For more information please visit: http://www.ncircle.com/index.php?s=products_webapp360
About nCircle Solutions
nCircle provides the world's most comprehensive suite of solutions for agentless security and configuration auditing for physical and virtual IT environments. nCircle's solutions combine the broadest discovery and deepest assessment of networks and their operating systems, applications, vulnerabilities and configurations with advanced analytics to help enterprises reduce security risk and achieve compliance. nCircle solutions include IP360™ for enterprise vulnerability management, PureCloud™ for cloud-based vulnerability scanning, WebApp360™ for web application scanning, Configuration Compliance Manager™ for configuration auditing and file integrity monitoring, Certified PCI Scan Service™ for PCI scanning, Suite360 Intelligence Hub™ for advanced reporting and analytics and Benchmark for and security performance management.
nCircle is the leading provider of information risk and security performance management solutions to more than 6,500 businesses and government agencies worldwide. nCircle solutions enable enterprises of all sizes to (1) automate compliance and reduce risk, and (2) measure and compare the performance of their IT security program with their own goals and industry peers. nCircle solutions may be deployed on a customer’s premises, as a cloud-based service, or in combination, for maximum flexibility and value.
nCircle has won numerous awards for growth, innovation, customer satisfaction and technology leadership and has been ranked among the top 100 best places to work in the San Francisco Bay Area. nCircle is headquartered in San Francisco, CA, with regional offices throughout the United States and in London and Toronto. To learn how you can more effectively protect your company visit us at http://www.ncircle.com.
nCircle is a registered trademark of nCircle Network Security, Inc. All other registered or unregistered trademarks are the sole property of their respective owners.