What to expect from your free vulnerability scan

In this article, we’re going to look at what a vulnerability scan is, how it can help to protect your organisation, and how AppCheck will work with you to deliver a free trial scan of your own websites, networks and infrastructure to demonstrate these benefits. 

 

What is vulnerability assessment & vulnerability management? 

Vulnerability management is a key responsibility of any IT security team, and covers the entire life-cycle of detecting, reporting, analysing and (where necessary) mitigating security vulnerabilities in an organisation’s systems and software. It is typically a holistic process involving multiple teams; however, vulnerabilities can only be managed once they have been discovered and identified, and that is the job of a vulnerability assessment process. 

Vulnerability assessment helps an organisation understand the threats to its environment and react appropriately. A comprehensive vulnerability scanning program is an essential component of any effective vulnerability management solution. 

 

What is a vulnerability scan and how can it help? 

Vulnerability scanning can take many forms, but it can be simply described as the remote and automated assessment of the security of a website, web-based program, network, system or service.

Vulnerability scanning of this kind is a form of DAST (Dynamic Application Security Testing). Unlike SAST (Static Application Security Testing), which analyses source code, DAST tests your *actual* live systems, allowing for the identification of a wider range of issues, including environmental misconfigurations (missing security headers, verbose server banners, exposed management interfaces) that are not evident from code analysis or review alone. The exact type of security scanning required depends on the services an organisation operates, as well as its security objectives. 

AppCheck works with you to understand your exact requirements and system configuration in order to tailor customised trial scans that provide your organisation with an accurate snapshot of your current security posture, and the insight that a suitably tailored vulnerability scan can bring. 

 

How quickly can AppCheck deliver my free trial scan? 

It is easy to get set up with a trial scan with AppCheck. Our pre-sales team can typically configure and launch a basic scan (default settings, no authenticated scanning) within the hour once the basic details, including the desired scope and start time, have been agreed in writing. However, if you are not under significant time pressure you may wish to take longer to refine the scan configuration and deliver a truly tailored scan profile. 

 

How does AppCheck deliver my free vulnerability scan? 

Initially, and most importantly, AppCheck will talk to you to understand your requirements, explain the techniques we employ, as well as to understand the technologies in use within the estate that you wish to be scanned, capturing details on frontend and back-end frameworks, databases, authentication mechanisms, key pages or endpoints that should be included in the trial, and any endpoints that require login credentials to enable full scanning. 

Simultaneously, AppCheck will seek to understand the service context – that is, the environment that is to be targeted. It is important to capture details of any deployed screening mechanisms such as WAFs and firewalls that may interfere with scanning. Equally important are the capacity of the target service in terms of bandwidth and processing limits, and any scheduling concerns: vulnerability scanning can be a highly intensive process, so trial scans are tuned and scheduled to minimise the likelihood of performance or stability issues on the systems being interrogated. 

AppCheck will work with you to agree the proposed scope and configure the trial scan. You will be asked to perform basic preparation such as accepting the Acceptable Usage Policy and making any organisational changes or communications needed to support the scanning. This will typically involve adding AppCheck’s scan ranges to the allow list on WAFs and firewalls so that the scanner is not blocked or rate-limited (a blocked scanner produces a clean but meaningless report), and making relevant technical and other teams within the business aware of the upcoming scans, as needed on a per-organisation basis. 

The scan will be launched at an agreed time. It can include scanning of web applications such as websites and REST, SOAP and GraphQL APIs, as well as network infrastructure targets.  

 

What happens while my free AppCheck trial scan is running? 

AppCheck performs vulnerability scanning by first “crawling” a specified target to establish its extent and discover all endpoints, services and webpages. It then runs a thorough series of checks against each discovered resource, testing whether any of the corresponding attacks could be used by an attacker to exploit the service, system or host. Web application checks include the OWASP Top 10 standards such as SQL Injection, Cross-Site Scripting (XSS) and command injection, as well as a myriad of less well publicised check types such as out-of-date JavaScript libraries, server configuration weaknesses and unpatched software. Infrastructure checks look for configuration weaknesses, weak passwords, and known vulnerable components. 
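To make the crawl-then-check pipeline concrete, here is an added toy example (my own illustration, not AppCheck’s engine or code) that runs the same three kinds of check the text mentions over a constructed in-memory fake site: a response-header and server-banner check (the sort of environmental misconfiguration only DAST can see, as discussed above), an out-of-date JavaScript library check, and a canary-based reflected-input check that flags possible XSS without attempting exploitation. The site at example.test, the jQuery version floor of 3.5.0 and the check names are all assumptions made for the example.

```python
"""Toy crawl-then-check scanner over a constructed, in-memory fake site (added example)."""
import re
from html.parser import HTMLParser
from urllib.parse import parse_qsl, urlencode, urljoin, urlparse, urlunparse

CANARY = "apck7x9q"                      # unique marker the reflection check injects
REQUIRED_HEADERS = ("Strict-Transport-Security", "X-Content-Type-Options",
                    "Content-Security-Policy")
JQUERY_RE = re.compile(r"jquery-(\d+)\.(\d+)\.(\d+)(?:\.min)?\.js", re.I)
MIN_JQUERY = (3, 5, 0)                   # assumed policy floor; <3.5.0 has published XSS fixes

# Constructed fake site standing in for real HTTP (example.test is a reserved name).
_WEAK = {"Content-Type": "text/html", "Server": "Apache/2.4.29 (Ubuntu)"}
_HARDENED = {"Content-Type": "text/html", "Strict-Transport-Security": "max-age=31536000",
             "X-Content-Type-Options": "nosniff", "Content-Security-Policy": "default-src 'self'"}

def fake_fetch(url):
    """Return (status, headers, body); /search echoes the q parameter unencoded."""
    p = urlparse(url)
    if p.path == "/":
        return 200, _WEAK, ('<html><a href="/search?q=shoes">Search</a><a href="/about">About</a>'
                            '<script src="/static/jquery-1.12.4.min.js"></script></html>')
    if p.path == "/about":
        return 200, _HARDENED, "<html><p>About us</p></html>"
    if p.path == "/search":
        q = dict(parse_qsl(p.query)).get("q", "")
        return 200, _WEAK, f"<html>Results for <b>{q}</b></html>"
    if p.path == "/static/jquery-1.12.4.min.js":
        return 200, {"Content-Type": "application/javascript"}, "/*! jQuery v1.12.4 */"
    return 404, {}, ""

class LinkExtractor(HTMLParser):
    """Collects href/src attribute values from an HTML document."""
    def __init__(self):
        super().__init__()
        self.links = []
    def handle_starttag(self, tag, attrs):
        for key, value in attrs:
            if key in ("href", "src") and value:
                self.links.append(value)

def crawl(seed, fetch=fake_fetch, limit=50):
    """Breadth-first discovery of same-host URLs: the 'crawl' phase."""
    host = urlparse(seed).netloc
    seen, queue = set(), [seed]
    while queue and len(seen) < limit:
        url = queue.pop(0)
        if url in seen:
            continue
        seen.add(url)
        _, headers, body = fetch(url)
        if "text/html" not in headers.get("Content-Type", ""):
            continue                      # only HTML is parsed for further links
        extractor = LinkExtractor()
        extractor.feed(body)
        for link in extractor.links:
            target = urljoin(url, link)
            if urlparse(target).netloc == host and target not in seen:
                queue.append(target)
    return seen

def finding(url, check, detail):
    return {"url": url, "check": check, "detail": detail}

def check_headers(url, headers):
    """Environmental misconfiguration: visible only in a live response, never in source."""
    out = []
    if "text/html" not in headers.get("Content-Type", ""):
        return out
    out += [finding(url, "missing-header", f"{h} not set") for h in REQUIRED_HEADERS if h not in headers]
    server = headers.get("Server", "")
    if re.search(r"/\d", server):         # product name followed by a version number
        out.append(finding(url, "version-disclosure", f"Server header reveals '{server}'"))
    return out

def check_js_libraries(url, body):
    """Out-of-date JavaScript library detection from referenced script file names."""
    out = []
    for m in JQUERY_RE.finditer(body):
        version = tuple(int(x) for x in m.groups())
        if version < MIN_JQUERY:
            out.append(finding(url, "outdated-js-library",
                               "jQuery %d.%d.%d is below %d.%d.%d" % (version + MIN_JQUERY)))
    return out

def check_reflection(url, fetch=fake_fetch):
    """Swap each query parameter for a canary plus '<>'; an unencoded echo is a possible XSS."""
    p = urlparse(url)
    params = parse_qsl(p.query)
    out = []
    for i, (name, _) in enumerate(params):
        mutated = list(params)
        mutated[i] = (name, CANARY + "<>")
        probe = urlunparse(p._replace(query=urlencode(mutated)))
        _, _, body = fetch(probe)
        if CANARY + "<>" in body:         # markup survived intact: reported as possible, not proven
            out.append(finding(url, "reflected-input", f"parameter '{name}' echoed unencoded; probe {probe}"))
    return out

def scan(seed, fetch=fake_fetch):
    """Crawl first, then run every check against every discovered resource."""
    findings = []
    for url in sorted(crawl(seed, fetch)):
        _, headers, body = fetch(url)
        findings += check_headers(url, headers)
        findings += check_js_libraries(url, body)
        findings += check_reflection(url, fetch)
    return findings
```

Running scan("https://example.test/") against the fake site returns ten findings: three missing headers and a version disclosure on each of the two weakly configured pages, the old jQuery reference on the home page, and the unencoded reflection on the search page; the hardened /about page produces none. A real scanner swaps fake_fetch for live HTTP, throttles requests (the capacity concern raised above) and carries far more checks, but the shape is the same.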

When the scan is complete, the custom reporting engine performs a risk evaluation for each finding and assigns it a score. This is based partly on the vulnerability’s “CVSS” score, which reflects its severity and the impact on the organisation if it were exploited by an attacker, and partly on how practical exploitation would be: for example, could it be exploited from the internet, or would physical access be required, and how easily could this be accomplished (perhaps using published and readily available exploit code)? 

 

Trial Scan Key Offering 

The trial scan runs the full set of checks, just like a regular AppCheck scan. The only differences are: 

 

Complete with Trial Scan 

+ Pre-sales support to help you configure the trial scan
+ Complete scan with all plugins
+ Full report
+ Access to technical support for remediation guidance 

 

Trial Scan Restrictions 

– No ongoing scheduled scanning
– Limited number of scan executions
– Limited rescanning
– No access to AppCheck API for custom and programmatic integrations
– Scope typically limited to a small number of endpoints for trial purposes 

 

What will the reports include? 

We publish a full sample report online so that you can preview exactly what AppCheck delivers in its free trial scan reports. 

The report you will receive for your trial scan sets out the scope of the scan and the assessment carried out, a high-level executive summary of findings, and a full, prioritised (ranked) list of all vulnerabilities in detail – including a technical analysis section with snippets of code and the requests and responses that support each finding, as well as detailed remediation guidance to help you fix the vulnerability. 

Our reports can be provided in PDF format for easy reading and management consumption, as well as detailed CSV format for distribution to technical teams and detailed analysis. 

 

Evaluating your trial scan 

We know that you may be assessing multiple vendors for vulnerability scanning services. You may wish to consider asking yourself the following questions to help you compare: 

  • How clear was the report? AppCheck works hard to ensure that its custom reporting engine produces clear and concise executive summaries as well as detailed technical findings that help you to reproduce, validate and remediate vulnerabilities discovered. 
  • How many vulnerabilities were detected? AppCheck makes use of standard CVE databases of published vulnerability data, as well as custom in-house detection code for web application vulnerabilities that have no CVE entry, such as injection flaws in your own application code. We believe our offering is best in class – how did it perform on your trial? 
  • How many false positives were there? It is a fact of vulnerability scanning that an automated service has no “human context”, and that the scanner deliberately stops short of fully exploiting a vulnerability to prove it is exploitable, following the maxim of “cause no harm”. This means that sometimes a vulnerability may give every indication of being present yet turn out to be a false positive. AppCheck uses best in class custom code for vulnerability detection, and flags findings as “Possible” where we are not certain of them, so you can prioritise manual verification accordingly. How did we do on your trial scan? 
  • Did we miss anything (false negatives)? We are extremely confident in the performance of our scanning technology, and we additionally work closely with customers to tailor scans to their specific services and requirements. We believe that this delivers best in class vulnerability detection – how did we perform on your site? 
  • We love to help! How responsive and helpful were the support and pre-sales teams to provide assistance where needed? AppCheck offers UK-based support so that we are working when you are. 

 

Follow-up 

If you found your free trial scan useful, we would love to work with you to leverage the benefits of ongoing AppCheck coverage for your organisation. 

A one-off trial scan gives you a taste of how AppCheck can help, but it is essentially as limited as a one-shot penetration test: it describes your exposure on one day only. To be maximally effective, vulnerability scanning needs to go beyond a single scan and be implemented as a continuous process, providing you with knowledge about vulnerabilities and the associated risk to your organisation over time, as your code, services and sites change. Read our article on the importance of regular vulnerability scanning. 

We work with clients who sign up for our service on an ongoing basis to understand their complete organisational scope, requirements and coverage, and to propose a comprehensive scan configuration that delivers on their requirements. We work with clients to recommend and develop a smart scanning strategy governing the configuration of multiple scan targets and types, with a scheduling frequency that delivers on business need. 

Ongoing customers can leverage features including user and group management, vulnerability remediation assignment, integrations with CI and ticketing systems including JIRA and JetBrains TeamCity, a powerful API for automated scan configuration and launch, and advanced scan configuration options. Some licence tiers offer advanced support offerings, including guidance on remediation from our UK-based staff. 

 

Additional Information 

As always, if you require any more information or want to see how AppCheck can help your business then please get in contact with us: info@appcheck-ng.com 
