Can you please tell the difference between the Web Application scan available in PCI module and Web Application scan in the WAS module ?
Also what way PCI scan is different from the full port scan in VM module ?
PCI WAS isn't as comprehensive as our full blown WAS offering.
- The PCI WAS does un-authenticated scanning of Websites mostly while we do support form based simple authentication.
- The PCI WAS does not offer advanced things like progressive scanning, multi-scan etc
- The PCI WAS is optimized for a simpler workflow and is limited to perfrom PCI specific audits.
- The PCI WAS does not offer a API support, advanced scheduling, tagging etc
- The PCI WAS has no BURP integration and no BugCrowd integration
- The PCI WAS engine is not as solid a crawler as the full blown WAS with support for HTML5, SPA, other JS frameworks etc.
The list is really big and you can see a difference when you try the WAS out.
Simplest way, shout out to your TAM to enable a WAS trial.
Retrieving data ...