Tenable One Web App Scanning
Unify web app and API scanning that’s simple, scalable, and automated. Whether it’s the top 10 risks from OWASP, vulnerable web app components or APIs, get comprehensive dynamic application security testing (DAST) with Tenable One Web App Scanning.
Eliminate application exposure with automated and scalable web application vulnerability scanning
Get comprehensive web app security
Use automated DAST and API scanning from the industry's largest vulnerability research team to secure your modern web applications.
Scan fast
See results in minutes
Deliver immediate value with fast web application scans to discover common cyber hygiene issues that run in two minutes or less.
Simplify setup
Set up intuitive scans
Set up a new web app scan in a few seconds using the same vulnerability management workflows you’re already familiar with. 全アプリケーションに対して週次または月次の自動テストを設定します。
クラウド環境全体を一元的に可視化
Integrate dashboards
Create fully customizable dashboards and widget visualizations to integrate IT, cloud, and web application vulnerability data into a single, unified view.
どこにでもインストール可能
Deploy as SaaS or on-prem
Use FedRAMP-authorized cloud security for scanning, or seamless on-premises integration via Tenable Security Center. Secure web apps against vulnerabilities, regardless of your deployment preference.
tenable one
世界唯一の AI を活用したサイバーエクスポージャー管理プラットフォーム
Tenable One は、アタックサーフェス全体にわたってセキュリティの可視性・詳細情報・対応を一体化してサイバーリスクを低減します。危険な脆弱性を迅速に特定して修正できるようになります。
See why customers choose Tenable One Web App Scanning
Being able to manage our infrastructure and web apps in the same interface — and see a snapshot of the results in a single pane of glass — has been a real highlight and a big win for us as we continue to grow and expand our business.
Web app scanning FAQs
-
What are the web application scanning capabilities of Tenable One?
- Web application scanning is a critical part of the Tenable One exposure management platform. Tenable One Web App Scanning is a dynamic application security testing (DAST) application. A DAST crawls a running web application through the front end to create a site map with all of the pages, links, and forms for testing. Once the DAST creates a site map, it interrogates the site through the front end to identify any vulnerabilities in the application’s custom code or known vulnerabilities in the third-party components that comprise the bulk of the application.
-
What kind of vulnerabilities does Tenable One Web App Scanning identify?
- Tenable One Web App Scanning identifies OWASP Top 10 web application vulnerabilities, such as cross-site scripting (XSS) and SQL injection in custom application code and vulnerable versions of third-party components running on your site. これらの脆弱性のカテゴリは、現代のウエブアプリケーションにおいて、脆弱性を包括的に網羅する上で不可欠です。
-
Does Tenable One Web App Scanning identify misconfigurations or certificate issues?
- はい、可能です。You can use Tenable One Web App Scanning to identify a number of cyber hygiene issues in web applications in two minutes or less using predefined scan templates. SSL/TLS スキャンテンプレートは、不正に発行された、もしくは間もなく有効期限切れとなる SSL/TLS 証明書をチェックします。これにより、ユーザーはコストにつながる厄介なブラウザの警告やリダイレクトを回避できます。The Config Audit scan template checks for a number of server-side misconfigurations that leave web applications vulnerable to hacker reconnaissance or man-in-the-middle (MITM) attacks.
-
Can I tailor information that Tenable One Web App Scanning users have access to?
- はい、可能です。Tenable One Web App Scanning includes role-based access control (RBAC). 管理者は、個別のスキャンごとにスキャンを表示および開始できるようにユーザーグループを作成し、ユーザー権限を割り当てることができます。Users will only see relevant scan data, so they can more easily focus their efforts and prioritize which vulnerabilities to remediate.
-
Can I create custom reports in Tenable One Web App Scanning?
- はい、可能です。Tenable One Web App Scanning gives users the ability to create a variety of dashboards to tailor their reporting needs. 事前構成済みのエグゼクティブレベルのレポートを使用することで、技術的な詳細情報を失うことなく、修正に関するチームの進捗状況をビジネスの利害関係者に通知できます。Tenable One Web App Scanning also allows users to create fully-custom dashboards of scan data to track metrics that are relevant to their teams. Tenable Vulnerability Management and Tenable Web App Scanning users can also create fully integrated dashboards combining IT, cloud, and web application vulnerabilities for unified visibility across their attack surface.
-
Does Tenable One Web App Scanning scan single page applications?
- はい、可能です。Tenable One Web App Scanning scans modern web applications, including single-page applications. While no scanning tool can guarantee 100% coverage of all application types and vulnerabilities, Tenable One Web App Scanning crawls and scans many of the most popular single-page application frameworks.
-
How often are new vulnerability detections added to Tenable One Web App Scanning?
- Tenable’s world-class Research Team built Tenable One Web App Scanning. Tenable Research continuously analyzes vulnerabilities and the threat landscape and adds new detections for third-party components and custom code vulnerability detection as it discovers new security issues.
-
Can I use Tenable One Web App Scanning to perform code reviews?
- いいえ。Web App Scanning in Tenable One provides dynamic application security testing (DAST), meant to test running applications and does not perform static code reviews. 静的アプリケーションセキュリティテスト (SAST) ツールはコードレビューを実行します。
Tenable One
Container デモを申し込む
世界をリードする、AI を活用したエクスポージャー管理プラットフォーム
ありがとうございます
Tenable One に関心をお寄せいただきありがとうございます。
近々、担当者からご連絡させていただきます。
Form ID: 7469
Form Name: one-eval
Form Class: c-form form-panel__global-form c-form--mkto js-mkto-no-css js-form-hanging-label c-form--hide-comments
Form Wrapper ID: one-eval-form-wrapper
Confirmation Class: one-eval-confirmform-modal
Simulate Success