Tenable One Web App Scanning
Unify web app and API scanning that’s simple, scalable, and automated. Whether it’s the top 10 risks from OWASP, vulnerable web app components or APIs, get comprehensive dynamic application security testing (DAST) with Tenable One Web App Scanning.
Eliminate application exposure with automated and scalable web application vulnerability scanning
Get comprehensive web app security
Use automated DAST and API scanning from the industry's largest vulnerability research team to secure your modern web applications.
Scan fast
See results in minutes
Deliver immediate value with fast web application scans to discover common cyber hygiene issues that run in two minutes or less.
Simplify setup
Set up intuitive scans
Set up a new web app scan in a few seconds using the same vulnerability management workflows you’re already familiar with. 为所有应用程序配置自动化测试(按周或按月)。
整合可见性
Integrate dashboards
Create fully customizable dashboards and widget visualizations to integrate IT, cloud, and web application vulnerability data into a single, unified view.
随地安装
Deploy as SaaS or on-prem
Use FedRAMP-authorized cloud security for scanning, or seamless on-premises integration via Tenable Security Center. Secure web apps against vulnerabilities, regardless of your deployment preference.
tenable one
全球唯一一个以 AI 技术为后盾的暴露风险安全管理平台
Tenable One 通过统一整个攻击面的安全可见性、洞察和行动,降低网络安全风险,帮助企业快速发现并修复关键弱点。
See why customers choose Tenable One Web App Scanning
Being able to manage our infrastructure and web apps in the same interface — and see a snapshot of the results in a single pane of glass — has been a real highlight and a big win for us as we continue to grow and expand our business.
Web app scanning FAQs
-
What are the web application scanning capabilities of Tenable One?
- Web application scanning is a critical part of the Tenable One exposure management platform. Tenable One Web App Scanning is a dynamic application security testing (DAST) application. A DAST crawls a running web application through the front end to create a site map with all of the pages, links, and forms for testing. Once the DAST creates a site map, it interrogates the site through the front end to identify any vulnerabilities in the application’s custom code or known vulnerabilities in the third-party components that comprise the bulk of the application.
-
What kind of vulnerabilities does Tenable One Web App Scanning identify?
- Tenable One Web App Scanning identifies OWASP Top 10 web application vulnerabilities, such as cross-site scripting (XSS) and SQL injection in custom application code and vulnerable versions of third-party components running on your site. 这两类漏洞都是确保现代 Web 应用程序得到全方位漏洞覆盖范围的必要前提。
-
Does Tenable One Web App Scanning identify misconfigurations or certificate issues?
- 可以。You can use Tenable One Web App Scanning to identify a number of cyber hygiene issues in web applications in two minutes or less using predefined scan templates. SSL/TLS 扫描模板可用于检查是否存在未正确签发或即将过期的 SSL/TLS 证书,有助于用户避免代价高昂且令人难以决断的浏览器警告和重定向。The Config Audit scan template checks for a number of server-side misconfigurations that leave web applications vulnerable to hacker reconnaissance or man-in-the-middle (MITM) attacks.
-
Can I tailor information that Tenable One Web App Scanning users have access to?
- 可以。Tenable One Web App Scanning includes role-based access control (RBAC). 管理员可以选择创建用户组,并分配用户权限,便于以单个扫描为基础来查看和启动扫描。Users will only see relevant scan data, so they can more easily focus their efforts and prioritize which vulnerabilities to remediate.
-
Can I create custom reports in Tenable One Web App Scanning?
- 可以。Tenable One Web App Scanning gives users the ability to create a variety of dashboards to tailor their reporting needs. 预先配置的执行层报告可帮助业务相关方了解团队的修复进度,同时提供详尽的技术细节。Tenable One Web App Scanning also allows users to create fully-custom dashboards of scan data to track metrics that are relevant to their teams. Tenable Vulnerability Management and Tenable Web App Scanning users can also create fully integrated dashboards combining IT, cloud, and web application vulnerabilities for unified visibility across their attack surface.
-
Does Tenable One Web App Scanning scan single page applications?
- 可以。Tenable One Web App Scanning scans modern web applications, including single-page applications. While no scanning tool can guarantee 100% coverage of all application types and vulnerabilities, Tenable One Web App Scanning crawls and scans many of the most popular single-page application frameworks.
-
How often are new vulnerability detections added to Tenable One Web App Scanning?
- Tenable’s world-class Research Team built Tenable One Web App Scanning. Tenable Research continuously analyzes vulnerabilities and the threat landscape and adds new detections for third-party components and custom code vulnerability detection as it discovers new security issues.
-
Can I use Tenable One Web App Scanning to perform code reviews?
- 不需要。Web App Scanning in Tenable One provides dynamic application security testing (DAST), meant to test running applications and does not perform static code reviews. 静态应用程序安全测试 (SAST) 工具可用于执行代码检查。
Tenable One
申请演示
全球领先的由 AI 驱动的暴露风险安全管理平台。
谢谢
感谢关注 Tenable One。
我们的代表会尽快与您联系。
Form ID: 7469
Form Name: one-eval
Form Class: c-form form-panel__global-form c-form--mkto js-mkto-no-css js-form-hanging-label c-form--hide-comments
Form Wrapper ID: one-eval-form-wrapper
Confirmation Class: one-eval-confirmform-modal
Simulate Success