Invicti Security Releases Enterprise-Class IAST Solution
Netsparker adds depth to web application security testing with new module
Invicti Security, a global leader in web application security, announced that it has added Interactive Application Security Testing (IAST) capabilities to Netsparker, its award-winning web application security scanner. The IAST sensor works hand-in-hand with Netsparker’s Dynamic Application Security Testing (DAST) solution to provide deeper insights into runtime issues, and to identify and test local assets that crawlers can’t see.
Recommended AI News: AMD Global Telemedicine Announces Integration with PointClickCare Technologies
Recent research by IBM Security estimates the average cost of a data breach to be $3.86 million, with the average time to identify and contain one reaching 280 days. To be effective, modern web application security testing must combine the widest possible test coverage with the accuracy required to efficiently isolate and resolve vulnerabilities. Netsparker’s combined dynamic and interactive (DAST + IAST) approach to scanning provides customers with three key benefits:
- More complete scanning: IAST sensors inspect the application “from the inside” and scan parts of the application that a DAST scanner alone could not see
- Additional verification: DAST + IAST scanning analyzes the application’s runtime behavior to provide additional confirmation of vulnerabilities for directly actionable results
- Better insight for remediation: IAST scanning can provide line-of-code level details on where vulnerabilities exist, so developers and security pros can address them more quickly and with less manual effort
“Adding IAST to Netsparker means that this solution now provides even more actionable results to dev teams so they can remediate vulnerabilities,” said Ferruh Mavituna, founder of Netsparker and CEO of Invicti Security. “Runtime insights extend an organization’s ability to confidently automate application security testing so they can scale their security operations.”
Recommended AI News: Reversing the Move to Cities Explained by IDTechEx
IAST provides more detailed information about vulnerabilities and possible attack payloads that enable security engineers and Netsparker itself to triage issues faster and more accurately. The insights provided by IAST also help bring developers closer to security with a deeper understanding of security issues in their code.
“Adding the extra vulnerability details from IAST to our existing Proof-Based Scanning changes the dynamics of application security testing, and we’re getting great feedback from customers,” said Mike Mattos, Invicti Security Senior Vice President of Customer Success. “This is another advancement in Netsparker’s approach to helping developers and security teams work more effectively together to improve an organization’s security posture.”
Recommended AI News: AdTech Leader TripleLift Announces Majority Investment from Vista Equity Partners