Web application security scanner

A web application security scanner is a program which communicates with a web application through the web front-end in order to identify potential security vulnerabilities in the web application and architectural weaknesses.[1] It performs a black-box test. Unlike source code scanners, web application scanners don't have access to the source code and therefore detect vulnerabilities by actually performing attacks. Web applications have been highly popular since 2000 because they allow users to have an interactive experience on the Internet. Rather than just view static web pages, users are able to create personal accounts, add content, query databases and complete transactions. In the process of providing an interactive experience web applications frequently collect, store and use sensitive personal data to deliver their service. Customers benefit from the convenience of these applications, while tacitly taking on risk that private information stored in web applications will be compromised through hacker attacks, insider leaks etc. According to the Privacy Rights Clearinghouse, more than 18 million customer records have been compromised in 2012 due to insufficient security controls on corporate data and web applications.[2]

Overview

A web application security scanner facilitates the automated review of a web application with the expressed purpose of discovering security vulnerabilities, and are required to comply with various regulatory requirements. Web application scanners can look for a wide variety of vulnerabilities, including:

In a copyrighted report published in March 2012 by security vendor Cenzic, the most common application vulnerabilities in recently tested applications include:[3]

37% Cross Site Scripting
16% SQL Injection
5% Path Disclosure
5% Denial of Service
4% Code Execution
4% Memory corruption
4% Cross Site Request Forgery
3% Information Disclosure
3% Arbitrary File
2% Local File Inclusion
1% Remote File Include
1% Buffer overflow
15% Other (PHP Injection, Javascript Injection, etc.)

Commercial and open-source scanners

Tom's IT Pro has provided short reviews of a number of Web Application Security Scanners[4] and an older (but no longer maintained) list of free and commercially available scanners is available at the Web Application Security Consortium.[5]

Strengths and weaknesses

As with all testing tools, web application security scanners are not perfect, and have strengths and weaknesses.

Weaknesses and limitations

Strengths

Notes

  1. http://projects.webappsec.org/w/page/13246986/Web%20Application%20Security%20Scanner%20Evaluation%20Criteria Web Application Security Scanner Evaluation Criteria version 1.0], WASC, 2009
  2. "Chronology of Data Breaches". Privacy Rights Clearinghouse. 9 July 2012. Retrieved 9 July 2012.
  3. "2012 Trends Report: Application Security Risks". Cenzic, Inc. 11 March 2012. Retrieved 9 July 2012.
  4. Sullivan, Dan. "2014 Cloud-Based Vulnerability Scanning Tools Compared". Tom's IT Pro. p. 2. Retrieved 15 April 2014.
  5. Shura, Brian. "Web Application Security Scanner List". Web Application Security Consortium.
  6. Web Application Scanners Challenged By Modern Web Technologies. SecurityWeek.Com (2012-10-25). Retrieved on 2014-06-10.

External links

This article is issued from Wikipedia - version of the Sunday, February 21, 2016. The text is available under the Creative Commons Attribution/Share Alike but additional terms may apply for the media files.