Since the early migration of legacy client-server systems to the new Web 2.0 standard, Web Applications have become present everywhere. From Corporate Intranets to E-Commerce Internet Portals, Web-based distribution of information systems and applications is growing fast, and along with it the capability to fulfill an old promise: computer system ubiquity at low maintenance cost and with extraordinary flexibility.
Web Applications have enabled Service-oriented architecture (SOA), thus creating a network of different web components and technologies that organizations now rely upon to promote their core business. This scenario raises the need for a trustworthy and effective infrastructure to support the transaction demand and, increasingly, to protect the information generated by employees, customers, partners and citizens.
Attacks are now business oriented and raise a high demand for more effective vulnerability assessment, and especially for a solution capable of understanding the foundation of a Service-oriented architecture, with the ability to manage custom web application business logic and security controls from the early phases of development to the daily operations of a production-level environment.
Securing your systems is not just about firewalls and intrusion prevention mechanisms anymore. Web protocols such as HTTP and HTTPS can traverse your infrastructure all the way back to your Web Servers, Application Containers and backend databases.
N-Stalker proposes a new approach to Web Application Security Assessment, bringing a complete solution, ready to cover every phase of the Secure Web Development Life-cycle.
The unique patent-pending technology of Component-oriented Web Application Security Scanning will provide the most effective approach to your custom application, by enabling a Service-oriented Architecture (SOA) analysis with a security perspective.
N-Stalker Web Application Security Scanner will not crawl resources as a regular browser would – it will evaluate web resources as individual components and inspect the relationships among them. Once every component is gathered and processed, N-Stalker will generate dynamic security check rules to produce the most effective security assessment for the target Web Application.
The concept of different scanning profiles – Development & QA, Infrastructure & Deploy and Audit & Pen-test analysis – will give customers the ability to verify relevant security issues based on their web application life-cycle, ranging from OWASP Top 10 security recommendations to Bugtraq 0-day vulnerabilities being exploited by malicious users in the wild.