SEARCH FINANCIAL SERVICES INFRASTRUCTURE SECURITY SCIENCE INTERVIEWS

 

     

WhiteHat Security Intros Dynamic Single-page App Scanning

October 10, 2018

WhiteHat Security has intoduced a new feature for dynamic single-page application scanning in the WhiteHat Sentinel Dynamic product. The new feature is designed to automate the scanning for, discovery and updating of webpages, links and architecture, seamlessly and without impact on the customer experience.

A single-page application (SPA) is a site that interacts with the user by dynamically rewriting the current page rather than loading entire new pages from a server. This approach avoids interruption between successive pages, making the application behave more like a desktop app than a traditional website.

Two of the most common uses are email clients and shopping cart calls, which allow the user to move between common mailboxes without changing the URL, or to add items into a shopping bag without taking the user away from their current item description page. SPA sites are great for the user experience, but they can be challenging for dynamic web scanners to fully investigate.

“Most other vendors simply provide a browser plugin, but that requires a customer to navigate their SPA site and send back scripts for coverage,” said Shivajee Samdarshi, senior vice president of Engineering at WhiteHat Security. “We give our customers back valuable time to spend on growing their businesses. Instead of elaborate tutorials to teach set-up, configuration and scanning, we offer the confidence and convenience of a fully-automated coverage scan for most SPA sites.”

A variety of tools can perform the full domain crawl or page discovery of all the links, API operations, and libraries, but using them requires significant manual effort in set up, domain discovery, form training and other scanning technician details.

Instead, WhiteHat Sentinel Dynamic now performs all these discoveries automatically, with 75-90 percent more coverage of the single-page application architecture than other non-SPA specific scanning technologies, and without the time, effort and skill of a dedicated application security engineer or tester.

The benefits of using WhiteHat Sentinel Dynamic for SPA scanning include:

Comprehensive coverage to reveal more findings and crawl more pages through the deepest JavaScript framework stack in the business

No extensive setup, so that SPAscan be scanned like most other websites without heavy user interaction

No impact to scan schedule because WhiteHat Sentinel Dynamic scans are ongoing and continuous, to crawl the full SPA site

Support for automated dynamic application security testing of single-page applications is a new feature that will be free of charge to all customers of the existing Sentinel Dynamic Standard and Premium Edition licenses.

Terms of Use | Copyright © 2002 - 2018 CONSTITUENTWORKS SM  CORPORATION. All rights reserved. | Privacy Statement