December 2021 update for Netsparker Standard 6.3
The highlights of the Netsparker Standard December release are software composition analysis (SCA), the OWASP Top Ten 2021 Report, and support for scanning GraphQL APIs.
Software composition analysis (SCA) with IAST
Netsparker Standard can now analyze your web application’s software composition using the Netsparker Shark IAST agent and list the components used. It can also detect whether any of these components are vulnerable by using Netsparker’s vulnerability database.
More and more web applications rely on third-party components, so your web application security also depends on the security of these components. It takes a lot of time and effort, however, to manually track whether these components have vulnerabilities and need updates to address these issues. Netsparker Standard can now check for third-party software libraries and report whether they have known security issues.
For further information, see Software Composition Analysis with Netsparker Shark (IAST).
OWASP Top Ten 2021 Report
Netsparker Standard can generate the OWASP Top Ten 2021 Report in HTML and PDF formats, so you now have the option of reporting only the vulnerabilities that fall under this classification.
Thanks to the OWASP Top Ten 2021 Report, you can identify common security weaknesses in your web applications that could be exploited by malicious attackers. Developers and technical staff can prioritize and fix these security issues because the report provides them with all the essential information, including the HTTP request and response bodies.
Scanning GraphQL APIs
Netsparker Standard can now scan GraphQL APIs and report vulnerabilities.
GraphQL is a query language for APIs, originally developed by Facebook in 2012 and released to the public in 2015. Having a query language makes it easier and quicker to get data from a server to a client via API calls. Despite built-in validation and type-checking, GraphQL still has security shortcomings that attackers can exploit to access sensitive data.