NSFOCUS Web Vulnerability Scanning System

Transcription

1 NSFOCUS Web Vulnerability Scanning System Overview Most Web application systems are tailor-made and delivered in source codes by Customer Benefits Accurate Analysis on Website Vulnerabilities Fast scan on Large-scale Websites Close-loop Website Security with WAF Flexible and Adaptable to Virtualized Environment suppliers, performing specific functions by running dynamic resolutions in different application environments. This brings new challenges to the security management of web application systems. A sole relying on patching passively doesn t work, since the application developers can hardly provide generic patches like Windows vulnerability patches. A more preemptive and proactive method is needed using dedicated web vulnerability solution for web security assessment. This solution should help security and development teams detect hidden vulnerabilities in the protected web applications or websites, and harden the systems before these vulnerabilities are exploited by hackers. NSFOCUS Web Vulnerability Scanning System (NSFOCUS WVSS) is an industry-leading web vulnerability scanning solution against the above challenges, powered by NSFOCUS s years of expert research and on-hand experience in application security. This solution allows automatic security assessment of all resources on your website by a simple point and shoot. It simulates website visitor s behaviors, such as button click, cursor movement, and complex form filling, detects potential vulnerabilities in the web application systems via the built-in security models, and provides priority-based fixing suggestions as well as actionable analysis reports. Moreover, NSFOCUS WVSS can automatically interact with NSFOCSUS Web Application Firewall (NSFOCUS WAF) to generate smart patches for automatic vulnerability fixing, effectively enhancing security management. Customer Benefits Accurate Analysis on Website Vulnerabilities NSFOCUS WVSS has professional web application security scanning and has established an industry-leading in website scanning and vulnerability analysis. It can intelligently recognize Ajax, Flash, JavaScript and Web 2.0 applications, etc. As well as support OWASP, WASC 1 / 7

2 vulnerability templates and compatible with an internationally standard classification of vulnerability. It uses forensic scanning technology to provide detailed reports which can easily help customer locate and fix dangerous vulnerabilities. Experts of NSFOCUS always keep track of the emergency web incidents to update the web vulnerability base immediately which can guarantee the website business in time. Fast Scan on Large-scale Websites Backed by NSFOCUS s in-depth researches in web application security, NSFOCUS WVSS adopts innovative technologies, including intelligent webpage crawling, dynamic resource adjustment, proxy cache, real-time task dispatching and URL-level loading balancing. It also has original advanced scanning evasion technology, and can correlate log analysis of each silo website. It can be set at constant scanning speed by manual or automatically adapting its speed to the context such as the bandwidth consumption. Powered by these industry-leading technologies, it can reach the highest scanning speed with zero impact on customer business, overcoming the challenges in scanning large-scale websites. Close-loop Website Security with WAF Relying on the original vulnerability tracking technology, NSFOCUS WVSS conducts statistical analysis on the entire process of vulnerability discovery, monitoring, and fixing. It can also correlate with NSFOCUS WAF to defend against the detected security threats. In this process, NSFOCUS WVSS automatically uploads the scanning reports onto NSFOCUS WAF where precise protection rules ( smart patch ) are generated and applied to the protected website, shaping a close-loop detection and defense. 2 / 7

3 Key Features In-depth Checking and Comprehensive Scan Visualized Verification Of Vulnerability Distributed Cluster Scan Global Risk Analysis and User-friendly Display Flexible and Adaptable to Virtualized Environment NSFOCUS WVSS can be easily deployed in the virtualized environment. With its independent virtualized management architecture, it can be supplied in software/ virtualized version as an on-demand technology to save extra maintenance expenses related to third-party hosting operating systems. It supports bare and hosting deployment modes. It can be installed on both segmented cloud hosts as well as on office computers, enabling efficient utilization of virtualized asset pools. Key Features In-depth Checking and Comprehensive Scan An automatic analyzer for more web applications: such as multiple web technology (PHP, ASP,.NET, HTML), site type (Portal, E-government, Forum, Blog, Online banking), web applications (IIS, Apache, Tomcat), third-party component (Struts2, WebLogic, WordPress). Large number of accurate scanning plugins: on the basis of an integrated NSFOCUS s plugins, base of WVSS also includes extensive international vulnerabilities, for example OWASP TOP / 2013; WASC, etc. Users can custom Scanning plugin templates according to their personalized needs. Immediate response of web attacks via keeping tracks of top web security incidents continuously, update vulnerability plugins for the first time. Static and dynamic combination of proactive detection technology linked to registers. Identify known and unknown registers type. 3 / 7

4 Visualized Verification of Vulnerability Support the verification of common web vulnerabilities including SQL injection, Cross-Site Scripting and many others. Batch verification is able to indicate where the vulnerability is in the code in manual or automatic verification mode. WVSS also allows correct the false verification. Through detailed proposal repair the code error, open up blocked links to immediately discover and repair vulnerability. Provide offline report with visualized verification scene which shows the vulnerabilities criterion from logic level provides the constructed request that is able to discover vulnerabilities, besides detailed list interactive data from code level. Distributed Cluster Scan Breaking traditional scanning methods achieve more granularity and in-depth URL scanning page-level load balancing, perfectly protect large-scale scanning via reliable and time-saving scanning technology. 4 / 7

5 Conveniently and flexibly expand lower level node, dynamic equilibrium between assigned single or multiple tasks. Distributed cluster scan adopts variety of scanning scene. It can achieve real-time automatic speed governor even with a maximum number of 32 lower level nodes Both management and scanning dual role. Focus on managing lower level node to scan and output summary reports Global Risk Analysis and User-friendly Display Dashboard:on the first page, summary data shows security risk posture of the target site helps understand the detail results as a quick entry firstly, such as last 10-Day overall risk level, last 30-Day top 10 dangerous website, up-to-date vulnerability info, single-website risk trend graph, network interface traffic, task progress, etc. Relying on the original vulnerability tracking technology: Original vulnerability tracking technology carried from the dimension of vulnerability discovery timeline. It shows the entire process about monitoring and repairing which can be used to easily locate risk distribution. 5 / 7

6 Multi-angle Reports:Multidimensional and professional reports not only provide single-site trend-report, but multi-site comparative risk report, automatically collection of the same type between multitasking vulnerability, etc. All vulnerabilities display based on the site resource tree. WVSS can generate reports when it s scanning sites. 6 / 7

7 Specifications Trojan detection Full coverage of Web 2.0 applications, including AJAX, Flash and JavaScript PHP, ASP,.NET, Java and other programming Detection and Testing languages Web servers, such as IIS, Apache, and Nginx Proxy scanning HTTPS scanning Flash attack detection Authentication methods, such as Basic, NTLM, cookies, and SSL Reports Correlation with WAF Deployment Others OWASP, WASC and other reports Correlation with NSFOCUS WAF IPv4, IPv6 Distributed deployment Data interface capability NSFOCUS TEL: NSFOCUS US TEL: NSFOCUS Japan TEL: [email protected] NSFOCUS is the trademark of NSFOCUS Information Technology Co., Ltd. NSFOCUS enjoys all copyrights with respect to all textual narrations, document formats, illustrations, photographs, methods, processes and other contents, unless otherwise specified, which shall be governed by relevant property rights and copyright laws. Without written permission of NSFOCUS, any individual or institution shall be prohibited to copy or quote any section herein in any way. About NSFOCUS NSFOCUS is a proven global leader in active perimeter network security for service providers, data centers, and corporations. It focuses on providing network security solutions including: carrier-grade Anti-DDoS System, Web Application Firewall, and Network Intrusion Prevention System - all designed to help customers secure their networks and corporate-critical information. More detailed information is available at 7 / 7