Comparison of Security Services
Contact SalesThe following table provides a brief comparison of the features of Netcraft’s Audited by Netcraft and Web Application Testing.
Audited by Netcraft | Web Application Testing | |
---|---|---|
Testing mechanism | Automated | Programmed sequence of tests with expert intervention and interpretation |
PCI DSS Requirements | Satisfies PCI requirement 11.2 | Satisfies PCI requirement 11.3 |
Number of machines tested | Network | Network |
Test Frequency | Daily, Weekly or Monthly (All include on demand scanning) | Single |
Service vulnerabilities | All visible services | All visible services |
Denial of Service (DoS) detection | Yes, including machine, service and protocol specific | Yes, including machine, service, protocol and application specific |
Analysis report | Automated | Expertly written |
Report Delivery | Secure HTTPS publishing | Secure HTTPS publishing |
Web-pages examined | 250 pages, 3 levels deep within 30 minutes | Site dependent |
CGI vulnerability tests | Extensive | Extensive, including application specific |
Detection of directory indexes | Yes | Yes |
Detection of operating system | Yes | Yes |
Differential report | Yes | Yes |
ICMP checks | Yes | Yes |
Initial Sequence Number prediction | Yes | Yes |
Malicious JavaScript detection (e.g. shopping site skimmers) | Yes | Yes |
RPC testing | Yes | Yes |
Search for broken images | Yes | Yes |
Search for broken links | Yes | Yes |
SNMP checks | Yes | Yes |
SSL certificate checks | Yes | Yes |
Test for script source visibility | Yes | Yes |
Web-page analysis | Yes | Yes |
Windows checks | Yes | Yes |
TCP & UDP port tests | Time-limited | Yes |
Cross-site scripting (XSS) checks | Partial | Yes |
DNS and bind checks | Partial | Yes |
FTP abuse checks | Partial | Yes |
Information disclosure checks | Partial | Yes |
LDAP checks | Partial | Yes |
NFS checks | Partial | Yes |
NIS checks | Partial | Yes |
Password guessing | Partial | Yes |
SMB/NetBIOS checks | Partial | Yes |
SMTP relay checks (spam) | Partial | Yes |
SQL Injection tests | Partial | Yes |
Application Checks | No | In-depth |
DNS spoofing | No | Yes |
Domain checks | No | Yes |
Source code reviews | No | Yes |
Spoofing Checks | No | Yes |
Stealth testing | No | Yes |
WHOIS checks | No | Yes |
Contact us to discuss what we can do for you
To arrange a demo, or to discuss your requirements, please contact us!
Contact SalesRelated News
Funny and malicious server banners
31 Jan 2022
Around the Net, Security
Netcraft’s most recent Web Server Survey includes nearly 1.2 billion websites. Most of these sites return a server banner that shows which web server software they use, thus allowing us to determine the market shares of each server vendor since 1995....
View full post
Increasing Number of Bank-Themed Survey Scams
12 Jan 2022
Netcraft Services, Security
Examples of bank-themed survey scams seen by Netcraft
Netcraft has seen a large increase in survey scams impersonating well-known banks as a lure. These are often run under the guise of a prize in celebration of the bank’s anniversary, though in...
View full post
Bangladesh, South African and Iraqi Government sites have been found to be hosting web shells
3 Dec 2021
Around the Net, Security
Netcraft recently confirmed that a Bangladesh Army site was hosting an Outlook Web Access (OWA) web shell. Additionally, an OWA web shell was found on the Department of Arts and Culture site for the South-African Kwazulu-Natal province and an Iraqi...
View full post