How to scan for MongoDB injection vulnerabilities – and how to fix them

NoSQL injection attacks against MongoDB databases are a major threat to full-stack JavaScript applications. Invicti security engineer Özgür Dinç shows how to find MongoDB injection vulnerabilities with Invicti’s vulnerability scanner – and how to fix them.

Cloudflare Web Application Firewall Rule Generation

Invicti Terminates Support for TLS 1.1

Invicti will no longer support TLS 1.1 from 26 December 2019. This will affect all HTTPS traffic to Invicti, including: software updates, the licensing process, and vulnerability database updates. Invicti requests that all users encountering issues should update their settings or contact Invicti Support.

New Scan Search Feature

Progress Panel Improvements

Netsparker Terminates Support for TLS 1.0

Netsparker will no longer support TLS 1.0 from 14 January 2019. This will affect all HTTPS traffic to Netsparker, including: software updates, the licensing process for Netsparker and vulnerability database updates. Netsparker requests that all users encountering issues should update their settings or contact Netsparker Support.

How to Integrate Netsparker Enterprise with Slack

Slack is a team messaging system that facilitates communication in enterprise teams with a series of channels. This topic explains how to integrate Netsparker Enterprise with Slack, manage integrations, configure a notification to report security issues to a Slack channel or Direct Message (DM) and view notifications while creating a scan.

Working with Custom Report Policies in Netsparker

This blog post describes and explains Custom Report Policies and how to create them. Two significant report customisations are possible: excluding a vulnerability from the web security Scan Report and changing the Severity Level of a vulnerability. Excluding a vulnerability means that the vulnerability is not reported in the scan results or report.

The Proof-Based Scanning™ Technology in Netsparker Web Vulnerability Scanners

This post explains how Netsparker’s unique Proof-Based Scanning#TM# technology works and also looks into the benefits of utilizing such technology.

How Does Netsparker Licensing Work?

This FAQ answers all your questions regarding the new Netsparker licensing model, including queries about licenses, editions, activiations, websites and license keys.

Netsparker Plans & Editions Integration

The Netsparker web application security solution is available via three different plans through which users will have access to both Netsparker Desktop and Netsparker Enterprise. Plans also allow users to easily share scan and vulnerability data between the two editions of Netsparker.

Netsparker and Single Sign-On Support

Netsparker supports Single Sign-On, so once you enable it, your users can access vulnerability and scan data in the Netsparker Enterprise dashboard without the need to login to it. This post includes a list of Single Sign-On services supported by Netsparker.

How to Configure Google Single Sign-On Integration with SAML

This article explains how to configure Google Single Sign-On (SSO) integration with Security Assertion Markup Language (SAML) in order to sign in to enterprise cloud applications, such as Netsparker Enterprise. An Identity Provider (IdP) provides users with unified sign-on across all cloud applications, eliminating individual user IDs and passwords.