Skip to content
Skip to breadcrumbs
Skip to header menu
Skip to action menu
Skip to quick search

Skip to end of banner Go to start of banner

Scanning

Skip to end of metadata

Created by Tin Pham, last modified on Jan 21, 2013

Go to start of metadata

nCircle IP360

General server scanning.

How it works,

Uses Agentless scanning technology.
Has ability to log in and scan but not used where we are.
Discovers and profiles all networked devices.
Uses protocol header information to determine what specific scans to make.
Utilizes a hardened appliance architecture.
Appliance which uses "open standards" may be based on open source so might just be Linux

nCircle WebApp360

Specifically designed to scan web applications. Checks for,

Cross Site Scripting (XSS)
SQL Injections
Web Server Vulnerabilities
Web Server Information Leakage
Cookie Usage Policies
Application Server Vulnerabilities (not sure if it checks for this)
SSL Cipher Strength
Buffer Overflow (not sure if it checks for his)
Appliance which uses "open standards" may be based on open source so might just be Linux

nCircle CCM

Logs into the system and checks for compliance against a configurable baseline defined by the client.

How it works,

Require a root privilidged account, like sudo or pfexec.
Checks for hardening compliance standards.
- Patches (going by published vulnerabilities, http://cve.mitre.org/ database)
- Services
...

Hp WebInspect

Same as WebApp360

No labels