What is web application scanning?
Web application scanning targets the company’s websites. A web application scan is a deep scan that crawls the website, which makes it possible to examine the logic within the individual web application.
The scan is conducted as a black box test, which means the scanner is given no knowledge beyond the URL. A vulnerability scan of a website crawls the entire website and, in addition to commonly known vulnerabilities, reports whether the website is vulnerable to:
- SQL injection.
- Code injection.
- Command injection.
- Path traversal.
- File inclusion.
- XSS – Cross-Site Scripting.
- Etc.
The most common vulnerabilities BlackstoneOne finds in a web application scan are:
- Exposing sensitive data.
- Defective access controls.
- Use of vulnerable third-party components.
- Misconfiguration of web servers.
- Missing security headers.
When a URL scan is conducted in BlackstoneOne, both a web application scan of the website and an infrastructure scan are performed, so you don’t have to worry about conducting the two types of scans separately.
![](https://blackstoneone.net/wp-content/uploads/sites/3/2021/12/WebAppScanFoto.png)