by: DefenseCode |

DefenseCode is delighted to announce the launch of a brand new application security solution – WebStrike. DefenseCode WebStrike’s is a DAST (Dynamic Application Security Testing) solution for comprehensive security audits of active web applications and represents a perfect companion to our ThunderScan Static Application Security Testing solution, as the two solutions are complementary and offer complete security coverage of the development pipeline.

WebStrike will test a website’s security by carrying out a large number of attacks using the most advanced techniques, mimicking real-world attackers. It may be used regardless of the web application development platform and does not require source code. WebStrike is designed to support major web technologies such as HTML, HTML5, Web 2.0, AJAX/jQuery, JavaScript and Flash.

It’s designed to execute more than 5000 Common Vulnerabilities and Exposures tests for various web server and web technology vulnerabilities. It is capable of discovering more than 60 different vulnerability types (SQL Injection, Cross Site Scripting, Path Traversal, etc.), including OWASP Top 10.

WebStrike is able to scan classic web applications (HTML, HTML5, Web2.0, AJAX, Javascript) along with API endpoints as Web Services, SOAP and REST. WebStrike is capable of scanning web applications without any prior configuration but also post-authentication when the credentials are required.

WebStrike as with ThunderScan is designed to be used out of the box requiring virtually no user input. Powered by a REST API and a client/server architecture, it enables easy integration and automation of dynamic security testing.


DefenseCode Team