Hello everyone, I'm a bit confused as to what the difference between the two products is. Can SECURE just scan our websites (s) and confirm there is no vulnerabilities or malware? Thanks!
Great question Luc!
As it turns out, SECURE seal uses the same engine as WAS for some of its testing. SECURE Seal runs 3 different scans, a VM network scan, a WAS web app scan and a MDS malware scan. But secure seal is designed to run WAS on the first 300 unautenticated pages of your Internet facing site. The combination of these scans provides users of your website an indication that you have performed security testing on those public areas and have good security hygine.
The full WAS product has many other features - you can scan up to 8000 links on each scan, and you can combine the results of an unlimited number of scans when you report. You can scan intranet as well as extranet web applications. WAS supports authenticated scanning and many more features. You also get daily MDS scanning for external sites when you purchase a WAS license. But you do not get VM network level scanning. So in general, WAS is a much more capable web app scanning product but SECURE seal is a great way to get all three types of scans that are specific to unauthenticated Internet facing sites.
If you are interested in learning more, contact your Technical Account Manager.
Thank you so much for the response Will. Forgive me for my ignorance, but I keep hearing the word used "Web applications" and I'm not sure if that is an actual application or just a bunch of web pages ? or a combination of both? What I'm looking for is a tool to scan our primary website to make sure there are no issues/vulnerabilities on any of the pages on our site. You said that the WAS can scan our intranet and extranet sites? How does it do this, if the tool is web based? Thanks again Will.
The management is all done in the cloud via our centralized portal. But you can deploy scanners inside your network that can perform scans and then securely send the results outbound via HTTPS to our centralized platform for reporting.
Web App is a wide term, but websites that accept user input can be vulnerable to various issues like XSS. Probably too deep a discussion - contact our sales and they can talk you through it.
I am not finding option to download the report in Secure Seal to share with Stakeholders. How to share the report with Stakeholders on the list of identified vulnerabilities or Seal pass status
Retrieving data ...