Web Application Scanning

Services > Assessment Services > Web Application Scanning

Crawling your website for vulnerabilities within web applications.

Service Overview

Web application scanning, also referred to as web application vulnerability scanning or web application security scanning, crawls a website for vulnerabilities within web applications. After analyzing all the discoverable web pages and files, the scanner builds a software structure of the entire website. The web application scanner does not have access to the source code; instead of analyzing the code, vulnerability scanners perform simulated attacks against an application and analyzes the results. 

Our Web Application Scanning (WAS) service utilizes industry-leading tools to scan your web apps for vulnerabilities that hackers could leverage against you. The output is a report detailing any findings along with recommendations on how to remediate any issues that were found.

Service Details

Web Application Scanning tests the application later in the development lifecycle and after release, in runtime.

Web application testing, or scanning, is a foundational part of DevSecOps. 

Our Website Application Scanning (WAS) service provides a snapshot of how vulnerable your web application is to an attack. This is accomplished by launching an industry-leading automated tool that will actively scan your web applications for vulnerabilities.

We use the Common Vulnerability Scoring System (CVSS) framework to provide output in the form of a report containing a prioritized list of any vulnerabilities that require review & remediation. The WAS can be run just once or you can request follow-up scans. This enables you to gauge the effectiveness of your remediation activity as well as discover any new vulnerabilities that have inadvertently been opened as a result.