Today's security teams are responsible for securing hundreds of applications that include complex rich clients and APIs, complying with industry and government regulations, and keeping up with hacking trends. To them, building an effective application security program requires more than just crawling the web application interface. It's about having comprehensive application coverage and utilizing more sophisticated attack methodologies that address the technologies used by modern applications. With AppSpider, you can plan, control and measure scans and look across all application scan data to track improvements in your security posture. Utlimately, AppSpider provides a way for you to assess and prioritize areas of greatest risk and enables you to build a modern enterprise application security program.
AppSpider is a dynamic application security testing solution that allows you to scan web and mobile applications for vulnerabilities.
The core technology behind AppSpider is the Universal Translator, which interprets the new technologies, such as AJAX, HTML5, and JSON, that are being used in today's web and mobile applications and crawls traditional applications.
Available on premise, hosted or as a managed service, AppSpider enables you to effectively manage your application security program, delivers thorough analysis, comprehensive application coverage and sophisticated attack methodologies.
- AppSpider Pro
- AppSpider Enterprise
- AppSpider OnDemand
- Broad coverage
- Advanced authentication
- Interactive reports
- Distributed and scalable
- Centralized control
- Continuous site monitoring
- End to end testing of APIs built with the OpenAPI Specification (formerly known as Swagger)
Dynamic Application Security Testing - DAST tools traditionally communicate with applications through the web front-end in order to identify potential security vulnerabilities in the web application and architectural weaknesses. Properly architected DAST tools first perform a “crawl” of the client interface to understand the application and then they conduct an “attack” or “audit” to find the vulnerabilities.
Client - A client represents a collection of users who interact with AppSpider.