Benefits of Netsparker

Reporting

Finding and confirming security vulnerabilities is only part of the story. You also need to be able to visualize and share your findings with colleagues and management. Netsparker supports a range of built-in report formats, as well as the ability to design your own custom reports.

Reports

After every completed scan, the results may be output using rich report templates in a range of supported file formats.

For example, the Detailed Scan Report is a PDF/HTML report that includes summary statistics and a summary table of all the detected vulnerabilities, together with links to additional actionable detail, such as the impact and the remedy of the vulnerability. Every reported vulnerability also includes external reference links to well-known compliance specifications (PCI, OWASP, CAPEC, OWASP etc...).

Custom Reporting

You may optionally use Netsparker's Reporting API to generate custom reports. The reporting API supports C# scripting and Netsparker ships with a sample report that may be used as a template and customized to meet bespoke reporting requirements.

Netsparker reports vulnerabilities with a high degree of specificity, to ensure that reported issues are unambiguous and easily actionable.

For example, where some scanners simply report XSS (Cross-site Scripting), Netsparker reports one of the more specific variants of XSS (Reflective XSS, Permanent XSS, XSS via RFI, Limited XSS) together with specific recommendations that enable action that is appropriate to that variant. The same principle is applied to all types of vulnerabilities that have multiple variants.

Logging

Netsparker supports the logging of all HTTP requests and responses as well as all identified vulnerabilities and other scan related data.

This is often required by penetration testing companies, who require a reliable and complete audit trail of their testing activities.