Comparison of Security Services
Contact SalesThe following table provides a brief comparison of the features of Netcraft’s Audited by Netcraft and Web Application Testing.
| Audited by Netcraft | Web Application Testing | |
|---|---|---|
| Testing mechanism | Automated | Programmed sequence of tests with expert intervention and interpretation |
| PCI DSS Requirements | Satisfies PCI requirement 11.2 | Satisfies PCI requirement 11.3 |
| Number of machines tested | Network | Network |
| Test Frequency | Daily, Weekly or Monthly (All include on demand scanning) | Single |
| Service vulnerabilities | All visible services | All visible services |
| Denial of Service (DoS) detection | Yes, including machine, service and protocol specific | Yes, including machine, service, protocol and application specific |
| Information disclosure checks | Partial | Yes |
| Source code reviews | No | Yes |
| Application Checks | No | In-depth |
| Analysis report | Automated | Written by expert |
| Differential report | Yes | Yes |
| Report Delivery | Secure HTTPS publishing | Secure HTTPS publishing |
| SSL certificate checks | Yes | Yes |
| Web-pages examined | 250 pages, 3 levels deep within 30 minutes | Site dependent |
| Web-page analysis | Yes | Yes |
| Search for broken links | Yes | Yes |
| Search for broken images | Yes | Yes |
| Detection of directory indexes | Yes | Yes |
| CGI vulnerability tests | Extensive | Extensive, including application specific |
| Test for script source visibility | Yes | Yes |
| SQL Injection tests | Partial | Yes |
| Cross-site scripting (XSS) checks | Partial | Yes |
| Malicious JavaScript detection (e.g. shopping site skimmers) | Yes | Yes |
| Detection of Operating System | Yes | Yes |
| ICMP checks | Yes | Yes |
| Windows checks | Yes | Yes |
| TCP & UDP port tests | Time-limited | Yes |
| Stealth testing | No | Yes |
| DNS spoofing | No | Yes |
| RPC testing | Yes | Yes |
| Initial Sequence Number prediction | Yes | Yes |
| FTP abuse checks | Partial | Yes |
| SMTP relay checks (spam) | Partial | Yes |
| LDAP checks | Partial | Yes |
| SNMP checks | Yes | Yes |
| DNS and bind checks | Partial | Yes |
| SMB/NetBIOS checks | Partial | Yes |
| NFS checks | Partial | Yes |
| NIS checks | Partial | Yes |
| Password guessing | Partial | Yes |
| WHOIS checks | No | Yes |
| Domain checks | No | Yes |
| Spoofing Checks | No | Yes |
Contact us to discuss what we can do for you
To arrange a trial, or to discuss your requirements, please contact us!
Contact SalesRelated News
Flurry of reboots signal Exchange Server patching
15 Mar
Security
Over 100,000 Outlook Web Access servers have been rebooted since Microsoft released security updates for the ProxyLogon remote code execution vulnerability. The subsequent flurry of reboot activity is likely indicative of many Microsoft Exchange servers...
View full post
3.6 million websites taken offline after fire at OVH datacenters
10 Mar
Security, Hosting, Around the Net, Performance
Around 3.6 million websites across 464,000 distinct domains were taken offline after the major fire at an OVHcloud datacenter site in Strasbourg overnight.
More than 18% of the IP addresses attributed to OVH in Netcraft’s most recent Web Server...
View full post
Feeding Frenzy as criminal groups stake their claim on Outlook Web Access servers
8 Mar
Security
This weekend, several days after Tuesday 2nd March when Microsoft released fixes for the ProxyLogon vulnerability, Netcraft found more than 99,000 unpatched Outlook Web Access servers accessible on the internet — of which several thousand have clear...
View full post