ArmourZero's Web Scan is an AI-powered penetration assessment tool that helps developers and security professionals to detect and find weaknesses and vulnerabilities in web application.
This Web Scan is categorised under Dynamic Application Security Testing (DAST), allowing you to assess and test the web application from an external perspective can help you to identify vulnerabilities that an attacker may find.
ArmourZero's Web Scan support both normal and authenticated website. Authenticated website DAST scan a security test that uses valid login credentials (normally test users' credential) to scan a running web application from the perspective of a logged-in user. This approach reveals vulnerabilities in protected areas of an application that unauthenticated scans would miss, such as those related to user-specific data, custom features, or privilege escalation issues.
The scanned results of all possible vulnerabilities detected will then be compared with industry Common Weakness Enumeration (CWE) and Common Vulnerability and Exposures (CVE) to determine the vulnerabilities' severity levels. Each of these possible vulnerability detected will then be mapped into OWASP Top 10 List (2021) compliance which is the latest standard awareness document for developers and web application security. It represents a broad consensus about the most critical security risks to web applications.
There are 5 categories of CWE and CVE vulnerabilities' severity levels.
- Critical
- High
- Medium
- Low
- Information
Add a domain to start with ArmourZero's Web Scan immediately, find all possible vulnerabilities faster than attackers.