Analyzing each and every file in-depth, the web application scanner will crawl the entire website and display the website structure. Once this discovery stage is complete, the main vulnerability scan is performed agains the continually updating service database. The scan involves the automatic audit for common security vulnerabilities, security breaches as well as risks.
GamaSec then delivers an report once the vulnerability scan is complete. The report includes an executive summary for management, as well as a detailed report for technical teams. Both reports list the appropriate recommendations based on the list of vulnerabilities found, along with the severity levels of each vulnerability.
Regular scans are beneficial, because as you make changes to your web server, you may be inadvertently creating new vulnerabilities, whether you know it or not.
What GamaScan Looks For The GamaSec Application Vulnerability Scan looks for over 20 known families of attacks, including:
- SQL Injection
- .NET Exception
- Cross-Site Scripting
- Cookie Manipulation
- Directory Traversal
The Benefits of GamaSec Automated Vulnerability Assessment
Regular use of automated, on-demand GamaSec Vulnerability Assessment will help you:
Prioritize vulnerabilities, and providing links to validated rememdies. Time is critical when defending against rapidly developing application attacks. An audit service can discovers holes and rank the severity of problems can save you valuable research and repair time.
Provide dramatic operational cost savings for assessment and patch management. Compared to manual testing and/or third-party "pen-test" consultants, automated Vulnerability Assessment offers compelling savings in both time and money.
Reduce human error with unbiased, reliable auditing. Automated Vulnerability Assessment helps prevent security errors by serving as an extra pair of eyes that never sleep. Running audits before and after installing new hardware or software can ensure proper configuration and prevent vulnerabilities that have been inadvertently introduced by ugrades and changes.
Simplify set-up and operations without adding special hardware or hiring an expert. Traditional network security management can be complex. Using an automated, Web-based security audit solution is simple. Any standard browser and standard TCP/IP communications allows you to run scans, view reports, and download patches.
Weekly online reports. Automatic audit scans are pre-scheduled and performed on a weekly basis. Detailed reports, security configuration advice, and hotlinks to patches and problem fixes appear in your report shortly after the completion of a vulnerability audit. Instead of relying on a consultant's schedule, you can assess your network defenses whenever & wherever you are.
Features of the GamaSec Vulnerability Scanner
Tailor-made Application – The GamaSec service is a pure in-house development with real-time market adaptation.
Web Application Attacks Engine – GamaSec is the only company today that covers more than 20 web vulnerability application families with the capacity to create a tailor made attack. We can adapt to any web site configuration and produce dynamic tests which will create relevant reports of online scan findings.
Next Generation GamaSec – GamaSec is actively producing the next generation service & solutions. GamaSec offers scanning through user login, on web-form authentication pages.
Automatic False Positive Prevention Engine – The number of configuration differences among Web Server platforms creates a difficult environment to assess Web Application risks without responses that are false positives. GamaSec effectively addresses this issue through the creation of false-positive filter rules automatically without any manual interference. The sophisticated GamaSec proprietary hashing system manages and inspects seven dynamically generated pages to include them for internal automatic rule generation.
Component-oriented Web Crawler and Scanner Engine - Web Applications are becoming more complex everyday. Reverse proxies can obscure multiple platforms and technologies behind one simple URL. The GamaSec Scanner will crawl through the Web Applications using a component-oriented perspective. For every available component found, GamaSec explores its relationship within that application and constructs customized and effective security checks.
Most Complete Web-Attack Signatures Database - Using the most up-to-date attack signature database available, GamaSec can inspect your web server infrastructure against threats with highest degrees of certainty. The ever varying signatures & risk factors can be scanned against a myriad of technologies; third-party software packages, well-known web server vendors and internal R&D vulnerabilities, can all be processed by your GamaScan solution.
Simplify Setup and Operations - With no need to add any special hardware or in-house expert, integrating an automated, web-based security audit solution can solve a major business headache with the most elegant lowest-cost solution. Any standard browser with standard TCP/IP communications permits you to run scans, view findings, and implement recommended solutions.
Support HTTP Web Authentication Schemes - GamaSec supports the widest variety of HTTP Authentication schemes, common HTTP protocol, BASIC, NTLM with abilities to analyze the broadest web technologies; PHP, ASP.NET, ASP, etc.
Enhanced Report Generation for Scanning Comparison - GamaSec includes an internal report creation engine. With enhanced features it provides the ability to create comparison and trend analysis of your web applications vulnerabilities based on scan results generated over selected time periods.
Contact an Alentus Dedicated Hosting Expert toll-free at 1-877-922-9903 or via email at 
For Existing Customers:
Login to the Alentus Support Center http://support.alentus.com and submit a ticket to Ordering, selecting GamaSec Application Vulnerability Scan from the Choose an Application Menu.
Overview
Hackers and intruders work around the clock dedicating all their time and resources to finding new ways into your web applications. The last thing you need is for someone to find a new way in. The GamaSec Application Vulnerability Scan from Alentus is another level of defense to protect your application as well as your corporate and customer data.
