What is a web app? And why scan ’em?
Web apps are just like apps on your phone or laptop - they’re programs that do something (usually related to storing, processing, and retrieving information). The only difference is that they run inside your web browser rather than on a specific device!
Zeguro’s web app vulnerability scanner looks at the web apps your company uses to identify vulnerabilities - problems or weaknesses that a hacker could exploit. The goal of running a scan is to find these vulnerabilities before the bad guys do, and make sure you get them fixed.
The web app vulnerability scanning feature lives inside Zeguro’s Monitoring module, rather than a scanning module, because we think it’s important to do scans on a regular, continual basis. New vulnerabilities are constantly being discovered, and many web apps get new features added on a regular basis (new features can introduce new vulnerabilities). It’s important to make sure you’re running a scan frequently enough to stay ahead of the hackers.
Scan configuration options and recommendations
To help you achieve a useful monitoring cadence, Zeguro recommends setting a scanning frequency of no more than once a month, but no less than quarterly. You will need to take into account your company’s schedule to make sure the scan runs at an appropriate time (we suggest outside of normal business hours), and you may want to schedule scans after upgrades or releases of your web app (e.g., if you release updates every second Tuesday, try scheduling the scan for every second Wednesday).
The Zeguro scanner has two modes, which run an increasing number of tests. It’s a balancing act to get it right - the more tests, the better chance of discovering a vulnerability, but the longer the scan will take. The scan modes are described below, along with our recommendations:
The lightning scan tests for just a few basic security configuration items on a web page, such as weak SSL encryption or security settings missing for cookies.
- Time: Fastest
- Depth of Scan: Minimal
This mode, Zeguro’s recommended setting, tests for a broad set of vulnerabilities with a variety of settings and payloads (data used to test the application). The additional activity from the scanner causes this scan to take a little longer.
- Time: Slow
- Depth of Scan: Deep
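As an added example (not Zeguro’s scanner code), the following Python check illustrates the kind of cookie security setting test a lightning scan performs: it parses Set-Cookie header values (constructed samples) and reports the attributes a defender would expect to see.

```python
# Added example (not Zeguro's code): flag missing cookie security attributes
# in Set-Cookie headers, the kind of check a lightning scan performs.
from typing import Dict, List

def check_set_cookie(header: str) -> Dict[str, object]:
    """Parse one Set-Cookie value and return the security findings for it."""
    parts = [p.strip() for p in header.split(";") if p.strip()]
    name = parts[0].split("=", 1)[0].strip()
    attrs: Dict[str, str] = {}
    for part in parts[1:]:
        key, _, value = part.partition("=")
        attrs[key.strip().lower()] = value.strip()
    findings: List[str] = []
    if "secure" not in attrs:
        findings.append("missing Secure: cookie may be sent over plain HTTP")
    if "httponly" not in attrs:
        findings.append("missing HttpOnly: cookie readable by page scripts")
    samesite = attrs.get("samesite", "").lower()
    if not samesite:
        findings.append("missing SameSite: browser default applies")
    elif samesite == "none" and "secure" not in attrs:
        findings.append("SameSite=None is only honoured together with Secure")
    # Cookie name prefixes carry extra requirements that browsers enforce
    if name.startswith("__Host-"):
        if "secure" not in attrs or attrs.get("path") != "/" or "domain" in attrs:
            findings.append("__Host- prefix needs Secure, Path=/ and no Domain")
    elif name.startswith("__Secure-") and "secure" not in attrs:
        findings.append("__Secure- prefix needs Secure")
    return {"name": name, "findings": findings}

def scan_headers(headers: List[str]) -> List[Dict[str, object]]:
    """Run the check over every Set-Cookie header from one response."""
    return [check_set_cookie(h) for h in headers]

# Constructed sample headers, as a response might return them
SAMPLE_HEADERS = [
    "session=abc123; Path=/",
    "__Host-sid=xyz; Secure; HttpOnly; SameSite=Strict; Path=/",
    "track=1; SameSite=None; HttpOnly",
]

if __name__ == "__main__":
    for result in scan_headers(SAMPLE_HEADERS):
        status = "ok" if not result["findings"] else "; ".join(result["findings"])
        print(f"{result['name']}: {status}")
```

Weak SSL/TLS configuration, the other item the lightning scan checks, needs a live handshake and is not covered by this offline snippet.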
Using the Zeguro scan report
The Zeguro scan reports are designed to be easy to read; however, they do assume a basic knowledge of web app and cybersecurity terminology. If words like POST, PUT, and SQL Injection mean absolutely nothing to you, we recommend adding an appropriate member of your team to the Zeguro platform, such as a CTO, Engineering Lead, etc.
You can also download a copy of the scan reports as a PDF, and send them to an engineering, IT, or other team responsible for maintaining your web app. This report contains all the details they need to verify the vulnerability exists, and has recommendations for fixing it. As all web apps are unique, this is guidance first and foremost - your IT team may need to do some additional research and testing to identify how to fix the vulnerability.
Once a vulnerability has been fixed, the scanner will identify this issue as fixed the next time it runs, and remove it from future reports. If the issue appears again in the future, our scanner will note that it was previously identified as an issue and re-open it; this helps your team to pinpoint the cause of a recurring vulnerability and speeds up the time to fix it.