Retina Web Security Scanner
Web Security, Vulnerability Assessment and Policy Compliance
The Retina Web Security Scanner is a best-in-class web scanning solution that rapidly and accurately scans large, complex web sites and web applications to tackle web-based vulnerabilities. The addition of this new product gives customers a complete picture of the performance and security status of deployed web applications plus on-demand inventory and diagnostic capabilities, ensuring privacy and compliance. Retina Web Security Scanner identifies application vulnerabilities as well as site exposure risk, ranks threat priority, produces highly graphical, intuitive HTML reports, and indicates site security posture by vulnerabilities and threat level.
The Retina Web Security Scanner leverages eEye’s advanced security intelligence capabilities, developed from years of product development, security research and professional services engagements. Using Retina Web Security Scanner and Retina Network Security Scanner in tandem, eEye customers now have a powerful multi-layered scanning approach.
"Taking a proactive approach to mitigating security vulnerabilities during the web application development process nowadays, is a critical necessity for every organization that chooses to take on an application development role. In my opinion, it is no longer acceptable to look at addressing security vulnerabilities in web applications after the fact, just to expedite getting an application delivered. The Retina Web Scanner product has proven to be an extremely useful tool in our arsenal during the actual web development process. The reporting engine allows us to zero in on potential issues quickly; as a result, deliver a better end product to our customers."
Nelson Martinez Jr., Systems Support Manager
City of Miami Beach
November 2009
Using signature-based checks for known vulnerabilities is not useful in the web application space because almost all web applications are different. Instead of attempting a check the same way every time, Retina Web Security Scanner determines the best way to evaluate an application for vulnerabilities like input validation, poor coding practices, weak configuration management and more. By attempting context-sensitive vulnerability checking, Retina Web Security Scanner can offer complete assessment coverage with outstanding accuracy.
Since all vulnerabilities are not created equal, Retina Web Security Scanner employs advanced intelligence engines to make sure the right priorities are communicated to you. By analyzing the content, structure and nature of each vulnerability, the solution can keep you focused on the real threats. From files/resources discovered to source code to scripts, comments, and directory contents, the automated reports will intelligently analyze all of Retina Web Security Scanner's findings to ensure you see the real threats.
In addition to assessing application vulnerabilities, Retina Web Security Scanner performs an advanced site analysis on your site structure, content and configuration to identify inherent exposure to future or emerging threats. This can be critical in determining security requirements and site architecture planning to mitigate future threats. Exposure is communicated via a security posture rating and qualitative analysis of findings, including a complete catalog of all site resources and their attributes (e.g. forms, cookies, scripts, SQL strings and ODBC connectors, authentication, applets/objects, hidden fields, etc.).
Retina Web Security Scanner is the easiest to deploy, easiest to manage and most accurate web application vulnerability scanner available. With industry leading reports and the most flexible data reporting possible, Retina Web Security Scanner provides you with the capability to communicate risk throughout your organization and secure your network. Combined with Retina Network Security Scanner, Retina Web Security Scanner customers are now able to extend their network vulnerability assessment best practices to include their growing portfolio of web applications and web sites.