ParosPro Server Edition - Features
Network Spider and Website Anaylsis
Powerful Scanner Identify Web Application Vulnerabilites
Vulnerability scanning is powered by plug-ins written to target common vulnerabilities in websites, including SQL Injection and Cross-site scripting which are the most critical web application security flaws according to OWASP. The plug-ins also search for many popular Content Management Systems (CMS) vulnerabilities, and perform server fingerprinting and information gathering, etc. The vulnerability scanner simulates hacker attacks against websites to accurately determine the security problems.
Informative Assessment Reports
After vulnerability scanning, all alerts and vulnerabilities are included in a scan report. Each alert item in the report include detailed description on the vulnerability and a list of links that are vulnerable to the related threat. Moreover, we provide solutions and references on how to fix the vulnerability. With such informative report, user can easily spot and fix the problem. The scan report can be saved in HTML format.
Network Spider Tuning and Scanning with Authentication
Network spider can be tuned manually according to the scan scope and available bandwidth of the network. For example, user can change the depth and links to be crawled by the network spider according to the size of their web application. Or change the connection timeout setting based on the available bandwidth of the network. Moreover, if the website requires user authentication, user can input the authentication credentials in the scan setting for the spider to use.
The Scan Scheduler included in ParosPro Server Edition provides companies the flexibility to configure a scan at a pre-defined date time. For companies that are required to maintain PCI compliance or other security standards, ParosPro Server Edition helps to maintain compliance by testing your web applications periodically.
Real-time Status and Statistics
The built-in Dashboard provides a quick overview of any scan in progress and displays the progress information of running scans. The Dashboard also displays information of alerts detected during scanning. This allows the user to have a faster preview of the discovered findings.
The system automatically logs user activities of the server usage. This allows administrators to easily track logon activities, user account modifications, system setting changes, scan status updates and user settings. Administrator can use it to spot out potential system issues or to assist in troubleshooting users' usage problems.
Email notifications can be configured to alert authorized users after a scan completes. The email includes a finding summary which enables users who may not be readily available to access the server to view scan results and take actions to mitigate risks.
New Web-based Interface
The ParosPro Server Edition is powered by an user-friendly web interface which allows users to access the server from any computer using a web browser.
The interface was designed with the user in mind. The interface allows users to quickly and easily perform scans and auditing, view reports and change setting.