Know Your Weak Points
Close the Coverage Gap with Universal Translator
You can't find what you can't see. Only AppSpider gives you full automated coverage throughout all corners of your application ecosystem to identify web application vulnerabilities.
Coverage is the first step to scanner accuracy. Scanners were originally built with a crawl and attack architecture, but crawling doesn't work for dynamic rich clients, APIs, and microservices. AppSpider goes beyond testing traditional name=value pair formats in HTML. It's Universal Translator interprets newer technologies used in web and mobile applications,including API’s and microservices (AJAX, GWT, REST, JSON, etc.). AppSpider provides broad coverage needed for today's wide variety of web applications.
Attack with intelligence
AppSpider doesn't test known application vulnerabilities because we know today's applications are custom with unique site structures, parameter names, and responses. It creates custom attacks based on your architecture to give you the most accurate results. To more accurately simulate real world attacks, AppSpider conducts positioning and proximity form analysis to intelligently input the data that the form is expecting.
Continuously monitor your applications
Don't let unknown risks keep you up at night. AppSpider's continuous site monitoring identifies changes in your application ecosystem that inadvertently inject new vulnerabilities. It then triggers a re-scan according to configurable settings.
Stay authenticated for deep assessment
Most applications are custom and each application has its own authentication approach. Scanners must be able to recognize the authentication form, know whether the login was successful, and handle single sign-on. AppSpider is capable of authenticating on even the most complex authentication approaches as well as the following web service solutions: Oauth, HMAC, Integrated NONCE, and user defined.