insightAppSec

The Universal Translator

Bridge discovery and attack with the Universal Translator

The Universal Translator understands the formats, protocols, and development technologies used in modern mobile and browser-based applications. Whether analyzing data from a traditional name::value pair crawl or traffic captured within a proxy capture for modern apps, the Universal Translator normalizes traffic and attacks your application to uncover vulnerabilities.

Scan single page applications (SPAs)

Single page applications are a recent web innovation that has made it possible to provide end users with snappy, responsive experiences without slow and annoying page reloads. Despite their increased presence on the web, many legacy application scanners have difficulty crawling these types of web apps, since they don't utilize a traditional HTML sitemap. InsightAppSec has been designed to automatically crawl and attack SPAs, providing coverage where other solutions can't.

Assess modern web applications

Web applications have come a long way from the static HTML and Perl scripts that drove version 1.0 of the web. Web apps today are built with modern Javascript frameworks, REST APIs, and microservices. But getting reliable results from a DAST scan of modern web apps shouldn't be (but often is) a challenge. InsightAppSec provides support and coverage of modern web technologies to save security and DevOps teams time and resources normally spent training and tuning scans—right out of the box.

Extend coverage

Modern web applications today are complex, and not all can be comprehensively scanned without some configuration. For example, application areas behind multi-step login sequences that include a CAPTCHA challenge. For this reason, InsightAppSec supports multiple means to enhance coverage programmatically, through recorded macros, Selenium test scripts, Swagger REST API definitions, and traffic recordings. With the flexibility provided by these options, InsightAppSec ensures your scans generate accurate results.

Keep pace with the modern web

Web technologies continue to evolve at a high velocity. Thus, your DAST solution should be architected to be future-proof. InsightAppSec's Universal Translator logically separates the crawl and attack engines used in a DAST scan, allowing for easy and frequent updates to one engine—such as new attacks and new input types—without breaking functionality in the other.

Resource

Feature Brief: Universal Translator in InsightAppSec and AppSpider

The Universal Translator enables Rapid7’s Dynamic Application Security Testing (DAST) solutions—InsightAppSec and AppSpider—to maximize test coverage for modern web applications.

View now

Free 30-Day Trial of InsightAppSec

Get started with our industry-leading dynamic application security testing (DAST) solution

Try InsightAppSec

No credit card required. All fields are mandatory.



Sorry your request cannot be completed at this time. Please reach out to sales at +1-XXX-XXXX or at email@rapid7.com.