Retina Web Security Scanner

The Retina Web Security Scanner is a best-in-class web scanning solution that rapidly and accurately scans large, complex web sites and web applications to tackle web-based vulnerabilities. The addition of this new product gives customers a complete picture of the performance and security status of deployed web applications plus on-demand inventory and diagnostic capabilities, ensuring privacy and compliance. Retina Web Security Scanner identifies application vulnerabilities as well as site exposure risk, ranks threat priority, produces highly graphical, intuitive HTML reports, and indicates site security posture by vulnerabilities and threat level.

The Retina Web Security Scanner extends eEye’s growing integrated threat management security suite and leverages eEye’s advanced security intelligence capabilities, developed from years of product development, security research and professional services engagements. Using Retina Web Security Scanner and Retina Network Security Scanner in tandem, eEye customers now have a powerful multi-layered scanning approach.

With the addition of eEye’s centralized management and reporting console, REM, security administrators have a unified solution that consolidates security information into one dynamic repository. REM facilitates data analysis and benefits administrators by eliminating information overload and automating previously time-consuming tasks. Users are able to install the Retina Web Security Scanner on the same servers that currently run Retina Network Security Scanner, significantly reducing installation and maintenance costs.

Using signature-based checks for known vulnerabilities is not useful in the web application space because almost all web applications are different. Instead of attempting a check the same way every time, Retina Web Security Scanner determines the best way to evaluate an application for vulnerabilities like input validation, poor coding practices, weak configuration management and more. By attempting context-sensitive vulnerability checking, Retina Web Security Scanner can offer complete assessment coverage with outstanding accuracy.

Since all vulnerabilities are not created equal, Retina Web Security Scanner employs advanced intelligence engines to make sure the right priorities are communicated to you. By analyzing the content, structure and nature of each vulnerability, the solution can keep you focused on the real threats. From files/resources discovered to source code to scripts, comments, and directory contents, the automated reports will intelligently analyze all of Retina Web Security Scanner's findings to ensure you see the real threats.

In addition to assessing application vulnerabilities, Retina Web Security Scanner performs an advanced site analysis on your site structure, content and configuration to identify inherent exposure to future or emerging threats. This can be critical in determining security requirements and site architecture planning to mitigate future threats. Exposure is communicated via a security posture rating and qualitative analysis of findings, including a complete catalog of all site resources and their attributes (e.g. forms, cookies, scripts, SQL strings and ODBC connectors, authentication, applets/objects, hidden fields, etc.).

Retina Web Security Scanner is the easiest to deploy, easiest to manage and most accurate web application vulnerability scanner available. With industry leading reports and the most flexible data reporting possible, Retina Web Security Scanner provides you with the capability to communicate risk throughout your organization and secure your network. Combined with Retina Network Security Scanner and REM, Retina Web Security Scanner customers are now able to extend their network vulnerability assessment best practices to include their growing portfolio of web applications and web sites.