Scan Policy Type


N-Stalker Web Application Security Scanner supports three (3) different types of scan policies, as listed below:

 

Enterprise Policy

 

This is the most complete assessment type, with security checks ranging from web server vulnerabilities (infrastructure) to custom application development (QA). It also includes compliance analysis for confidentiality and information leakage issues.

 

This type is available only on N-Stalker Enterprise Edition.

 

SQA Policy

 

This is the "Software Quality Assurance" policy type, which focuses its analysis on development issues and problems within the application. The OWASP Top 10 is a common list of security checks that can be assessed under this type of policy.

 

This type is available on N-Stalker Enterprise and QA Editions.

 

Infrastructure Policy

 

This is the common infrastructure security analysis, focused on discovering vulnerabilities in the web server and third-party components; it is not concerned with application-oriented issues. N-Stalker carries more than 39,000 security checks against the web server to detect vulnerable third-party software. This option does not perform application security analysis such as "SQL injection" and parameter tampering.

 

This type is available on N-Stalker Enterprise, Infrastructure Edition and Free Edition (restricted set of signatures).