Comparison of Security Services
Contact SalesThe following table provides a brief comparison of the features of Netcraft’s Audited by Netcraft and Web Application Testing.
| Audited by Netcraft | Web Application Testing | |
|---|---|---|
| Testing mechanism | Automated | Programmed sequence of tests with expert intervention and interpretation |
| PCI DSS Requirements | Satisfies PCI requirement 11.2 | Satisfies PCI requirement 11.3 |
| Number of machines tested | Network | Network |
| Test Frequency | Daily, Weekly or Monthly (All include on demand scanning) | Single |
| Service vulnerabilities | All visible services | All visible services |
| Denial of Service (DoS) detection | Yes, including machine, service and protocol specific | Yes, including machine, service, protocol and application specific |
| Information disclosure checks | Partial | Yes |
| Source code reviews | No | Yes |
| Application Checks | No | In-depth |
| Analysis report | Automated | Written by expert |
| Differential report | Yes | Yes |
| Report Delivery | Secure HTTPS publishing | Secure HTTPS publishing |
| SSL certificate checks | Yes | Yes |
| Web-pages examined | 250 pages, 3 levels deep within 30 minutes | Site dependent |
| Web-page analysis | Yes | Yes |
| Search for broken links | Yes | Yes |
| Search for broken images | Yes | Yes |
| Detection of directory indexes | Yes | Yes |
| CGI vulnerability tests | Extensive | Extensive, including application specific |
| Test for script source visibility | Yes | Yes |
| SQL Injection tests | Partial | Yes |
| Cross-site scripting (XSS) checks | Partial | Yes |
| Malicious JavaScript detection (e.g. shopping site skimmers) | Yes | Yes |
| Detection of Operating System | Yes | Yes |
| ICMP checks | Yes | Yes |
| Windows checks | Yes | Yes |
| TCP & UDP port tests | Time-limited | Yes |
| Stealth testing | No | Yes |
| DNS spoofing | No | Yes |
| RPC testing | Yes | Yes |
| Initial Sequence Number prediction | Yes | Yes |
| FTP abuse checks | Partial | Yes |
| SMTP relay checks (spam) | Partial | Yes |
| LDAP checks | Partial | Yes |
| SNMP checks | Yes | Yes |
| DNS and bind checks | Partial | Yes |
| SMB/NetBIOS checks | Partial | Yes |
| NFS checks | Partial | Yes |
| NIS checks | Partial | Yes |
| Password guessing | Partial | Yes |
| WHOIS checks | No | Yes |
| Domain checks | No | Yes |
| Spoofing Checks | No | Yes |
Contact us to discuss what we can do for you
To arrange a trial, or to discuss your requirements, please contact us!
Contact SalesRelated News
Prankster acquires Taliban Government domain amidst gov.af limbo
2 Sep 2021
Around the Net, Security
The US and others may have withdrawn from Afghanistan, but many Afghan Government websites and email addresses under the .gov.af top-level domain are still very much dependent on services hosted outside of the country – mostly in the US.
By taking...
View full post
FluBot Android malware now targets UK banks
24 Aug 2021
FluBot, Netcraft Services, Security
FluBot has built up a community of compromised Android phones in the UK since April and in the past 24 hours has commenced monetising them by sending overlays for British Banks.
FluBot first appeared in 2020, targeting mainly Spanish banks, but recently …
View full post
Post Office is new prime target in UK parcel delivery phishing attacks
22 Aug 2021
Security
The coronavirus pandemic resulted in the closure of many bricks and mortar retail stores, forcing UK consumers to adopt online shopping more than ever before. This trend has largely continued in spite of many stores since reopening, as millions of...
View full post