|
 |
| Product & Service > Secuguard WSE > Main Features |
 |
|
|
|
Assessment Scanner For Web Services, Web Application’s Vulnerability Assessment Tool
Secuguard WSE is a security software solution that examines various web applications on all web systems and prescribes all vulnerability’s solutions. |
|
 Secuguard WSE Main Feature |
| Main Feature |
|
Description |
|
| Server Discovery |
|
- Auto discovery of Web Server IP, Hostname
- Auto discovery of Web Server’s OS and Application |
|
| Page Analysis |
|
- Web content’s structure analysis and auto URL collect feature
- URL parsing from JavaScript, AJAX and Flash
- User defined URL filtering
- Configuration Settings (Proxy, URI Search depth, URI count limit, Etc)
- Tree structured URL collector (URL information, HTML Header information, URL Browser) |
|
| Assessment |
|
- Parallel Examination : Examine multiple target servers simultaneously
- Examination History : Examination history provided
- Vulnerability Viewer : Tree structured intuitive vulnerability information for administrator provided
- Multithread based fast and string / paralleled vulnerability examination.
- Multiple web servers’ vulnerability examination in one operation console screen.
- Reduced examination time from parallel runs
- Server administrators’ examination privilege management.
- Managing multiple servers’ vulnerability scans
- Various examination type provided (Group, Batch, By Operation System, Etc.)
- Grading founded vulnerability, its content, impact and solution provided |
|
| Assessment Items |
|
- Cross Site Scripting, SQL Injection, CRLF Injection, Code Execution, Directory Traversal, File Inclusion, Input Validation, Authentication, Etc
- JavaScript, AJAX, Flash File Analysis
- Scan with web authentification
- Extracting certain information(Credit card number, personal identification number, E-mail) from web pages and attached files.
- Keyword filter (Imitated content violation, sexual assault, verbal maltreatment, violation) availablility |
|
| Assessment Policy |
|
- Korea National Security Service TOP 8, OWASP 10, SANS TOP 20, WASC TOP 24 Vulnerability assessment provided |
|
| Hacking
simulation tool |
|
- HTTP Login Brute Force tool
- HTTP encode / decode tool
- HTTP Access trial tool
- HTTP Fuzzer and more |
|
| Scheduling |
|
- Scheduled Assessment test and E-mail service |
|
| Report |
|
- Various reports such as vulnerability assessment report, assessment report with vulnerability level
- Various graph and char based on Crystal Report™
- Various reports format conversion provided (DOC, RTF, PDF, XLS, XML) |
|
| Update |
|
- Update newly updated examination list from Update server.
- Update examination modules on scheduled time
- Offline update for users who cannot access Nilesoft online Update server.
- For internal network environment, online update through internal update server provided |
|
| |
|
|
|
 |
|
|
|
|
|
