You can easily view ArmourZero's Web Scan scanned results after you have triggered the scan. Reminder that as this scan is a penetration assessment tool, simulating real-time attack to find weaknesses and vulnerabilities, each scan have to trigger manually. All scan results will be listed in Latest Overall Scan Reports.
Step 1: Select the domain
1. Go to left menu and select "Web" under VULNERABILITY SCANNERS section. Click on the Domain ID or the three dots action icon on the domain, select "View Scan Details".
Step 2: View details of vulnerabilities detected
All scanned results of all possible vulnerabilities detected will be automatically compared with industry Common Weakness Enumeration (CWE) and Common Vulnerability and Exposures (CVE) to determine the vulnerabilities' severity levels.
Each of these possible vulnerability detected will be automatically mapped into OWASP Top 10 List (2021) compliance which is the latest standard awareness document for developers and web application security.
1. A Latest Overall Scan Report of Web Scan will be auto generate for you after each scan.
2. You can also see past scanned reports under "Scan History" button to compare the previous results and current results. This is very useful if you have make correction or remediation on your web application; or simply to compare with the latest possible vulnerabilities found.
The scan report will be summarised into 5 categories of CWE and CVE vulnerabilities' severity levels; Critical , High , Medium , Low and Information.
All scanned results of all possible vulnerabilities detected will be automatically compared with industry Common Weakness Enumeration (CWE) and Common Vulnerability and Exposures (CVE) to determine the vulnerabilities' severity levels.
Each of these possible vulnerability detected will be automatically mapped into OWASP Top 10 List (2021) compliance which is the latest standard awareness document for developers and web application security.
You can easily view your latest web application's compliances based on this each scanned results.
Step 3: Mitigate vulnerabilities
1. Click on "Mitigation & Task Assignment". Here you can sort the list based on severity that you intend to focus on.
2. Select and open the vulnerability detected, click to view the details of vulnerability and how you and your team can mitigate it with AI-remediation suggestions. Also you can assign the mitigation task across team members and follow the mitigation status.
There are 2 main parts of mitigation:
Part 1 : Informations
- Vulnerability's type and information - to list in details information the found vulnerability.
- Vulnerability related instances - which instances (sub-domain or web pages) of your web application that causing the vulnerability.
Part 2 : AI Assistance
- AI Assistance False Positive Detector - to check with AI's analysis in real-time to ensure the detected vulnerability won't mistakenly identified as a threat or risk.
- Task management - to assign the task across team members to fix and track the mitigation progress and status.
- AI Assistance Remediation Suggestion - AI's analysis in real-time and recommend remediation against the vulnerabilities.
Notes:
Each vulnerability detected or found have it own characteristic, type, severity and risk to you and company. That's why each vulnerability have it's own remediation to work on.