Call a Specialist Today! 800-886-5369

BeyondTrust Retina Web Security Scanner
Comprehensive Vulnerability Scanning for Dynamic Web Applications


BeyondTrust Products
Retina Web Security Scanner with Basic Support Subscription
Retina Web Security Scanner with Basic Support Subscription, 1-499 Users
#RWSS-B-SUB(1-499)
Contact us for pricing!
Retina Web Security Scanner with Basic Support Subscription ESS, 1-499 Users
#RWSS-B-ESS(1-499)
Contact us for pricing!

Click here to jump to more pricing!

Overview:

Websites and web-based applications are favored targets of today’s advanced cyber attacks. And while web applications can be mission-critical for many organizations, they may have not been designed that way. Often developed internally from a combination of third-party platforms, tools and services – these types of applications pose a unique risk. Since they are custom built, most web applications will contain distinct vulnerabilities, including those that are implementation and not code-related, requiring assessment and remediation techniques that go beyond traditional network vulnerability management.

Powered by AcunetixRetina Web Security Scanner is a comprehensive application security testing solution designed for modern web and mobile applications that are built on technologies such as AJAX, SOAP, WADL, XML, JSON, GWT, and CRUD operations.

With Retina Web Security Scanner, you can automatically crawl and scan off-the-shelf and custom-built websites and web applications for SQL Injection, Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF) and over 3,000 other web application vulnerabilities.

  • Crawl web pages that include technologies such as AJAX, SOAP/WDSL, SOAP/ WCF, REST/WADL, XML, JSON, Google Web Toolkit (GWT), and CRUD operations.
  • Cover the OWASP Top 10 most critical web application security risks including SQL Injection, XSS, CSRF, and more.
  • Scan and crawl complex password protected areas automatically, including multi-step, Single Sign-On (SSO), CAPTCHAs, and multi-factor with a built-in login recorder.
  • Audit web applications against a database of more than 1,200 known WordPress core, theme, and plugin vulnerabilities.
  • Scan hundreds of thousands of web pages and applications without interruption, using Retina’s multi-threaded architecture.

Retina Web application vulnerability scan results.
Retina Web application vulnerability scan results.

Comprehensive Application Security Testing for Identifying Complex Website and Web Application Vulnerabilities

Retina Web Application Security Scanner automatically crawls and scans off-the-shelf and custom-built websites and web applications for SQL Injection, Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), and over 3,000 other web vulnerabilities.

  • Crawl web pages that include technologies such as AJAX, SOAP/WDSL, SOAP/ WCF, REST/WADL, XML, JSON, Google Web Toolkit (GWT), and CRUD operations.
  • Cover the OWASP Top 10 most critical web application security risks, including SQL Injection, Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), and more.
  • Automatically crawl and scan complex password protected areas, including multi-step Single Sign-On, CAPTCHAs and multi-factor with an included login recorder.
  • Audit web applications against a database of more than 1,200 known WordPress core, theme, and plugin vulnerabilities.
  • Scan hundreds of thousands of web pages and applications without interruption, using Retina’s multi-threaded architecture.

Advanced Protection for Custom Web Applications

Today’s modern web applications are custom-built with unique site structures, parameter names and responses. Therefore, rather than checking for known vulnerabilities, Retina Web Security Scanner employs pen testing tools, heuristics, and behavioral analysis techniques to discover unknown threats that fly under the radar of signature-based scans.

  • DeepScan Technology: Accurately crawl most content such as full HTML5, JavaScript, and AJAX-heavy client-side Single Page Applications (SPAs).
  • AcuMonitor Technology: Discover out-of-band and blind vulnerabilities including SQLi, XSS, XXE, SSRF, and more.
  • AcuSensor Technology: Increase vulnerability detection while significantly limiting the number of false positives.
  • Login Sequence Recorder: Automatically crawl and test web applications that require complex authentication.
  • Advanced Penetration Tools: Create and automate custom attack scenarios just like an attacker.

Highlights:


Comprehensive Web Crawling


Comprehensive Web Crawling

Accurately crawl most web content such as full HTML5, JavaScript and AJAX-heavy client-side Single Page Applications (SPAs).

Fast & Accurate Scanning


Fast & Accurate Scanning

Test application source code while the application is running enables you to increase vulnerability detection while significantly limiting the number of false positives and negatives.

Uncover Hidden Threats


Uncover Hidden Threats

Discover out-of-band and blind web application vulnerabilities including SQLi, XSS, XXE, SSRF, and more.

Automate Complex Logins


Automate Complex Logins

Automatically crawl and scan complex password protected areas including multi-step, SSO, CAPTCHAs and multi-factor. Scan hundreds of thousands of web apps without interruption.

Features and Benefits:

Crawling and Scanning

  • Accurately crawl and scan HTML5 web applications and execute JavaScript.
  • Scan complex client-side applications that leverage AngularJS, EmberJS and Google Web Toolkit.
  • Reliably detect advanced DOM-based Cross-site Scripting
  • Scan for malicious URLs and test popular CMSs such as WordPress, Drupal, Joomla!, and more.
  • Record complex login events for easy access.

Detecting and Alerting

  • Discover out-of-band and blind vulnerabilities including SQLi, XSS, XXE, SSRF, and more.
  • Test application source code on the back-end during execution.
  • Increase vulnerability detection and significantly limit false positive and negative rates.
  • Pinpoint vulnerability location down to line of code.
  • 100% coverage of back-end applications and high-severity vulnerabilities.

Reporting and Remediating

  • Cut response times with remediation examples and recommendations.
  • Export results (XML) for integration with a variety of third-party solutions.
  • Generate reports for developers, business leaders and compliance auditors.
  • Create virtual patches for Imperva and Fortinet WAFs.

Documentation:

Download the BeyondTrust Retina Web Security Scanner Datasheet (.PDF)

 

Retina Web Security Scanner with Basic Support Subscription, 1-499 Users
#RWSS-B-SUB(1-499)
Contact us for pricing!
Retina Web Security Scanner with Basic Support Subscription ESS, 1-499 Users
#RWSS-B-ESS(1-499)
Contact us for pricing!
Retina Web Security Scanner with Platinum Support Subscription, 1-499 Users
#RWSS-P-SPT(1-499)
Contact us for pricing!
Retina Web Security Scanner with Platinum Support Subscription ESS, 1-499 Users
#RWSS-P-SPT-ESS(1-499)
Contact us for pricing!
Retina Web Security Scanner with Standard Support Subscription, 1-499 Users
#RWSS-S-SPT(1-499)
Contact us for pricing!
Retina Web Security Scanner with Standard Support Subscription ESS, 1-499 Users
#RWSS-S-SPT-ESS(1-499)
Contact us for pricing!