AppCheck is a vulnerability scanning platform built by leading penetration testing experts to expose security issues
A Complete Vulnerability Scanning Solution
AppCheck provides a comprehensive vulnerability scanning platform that is designed to cover and test each layer of an organisation’s key IT systems for vulnerabilities, in one seamless and intuitive solution. Read more about our approach to vulnerability scanning.
Trusted by some of the world's biggest brands
Contact us or call us 0113 887 8380
Application and Infrastructure Vulnerability Scanning
Key Benefits of AppCheck
Unparalleled vulnerability coverage
AppCheck emulates the process of a manual penetration test to provide full coverage of the OWASP Top 10, zero day vulnerabilities, and 100,000+ known security flaws by interrogating CVE database.
24/7 vulnerability scanning
Deploy tests instantly using pre-configured scan templates or schedule scans for out of hours testing. Each scan can be configured on a repeat cycle to ensure they are run continuously to catch new vulnerabilities as soon as they are introduced.
Crawling modern complex applications
AppCheck implements a browser-based crawler that combines application modelling techniques and subtle heuristical cues to automatically discover the complete attack surface of any given application and build an event graph in the shortest time possible.
Zero day detection
AppCheck detects security flaws by adopting a first principles methodology rather than firing checks from a known vulnerability database. This approach successfully identifies security flaws within applications and systems that are previously unknown and undisclosed.
Manage vulnerabilities easily
All vulnerabilities are tracked and managed through the vulnerability management platform, giving you a complete system overview to show you what the outside world sees.
With just a click you can produce professional penetration testing style reports which include a detailed technical narrative and remediation steps for all findings.
AppCheck provides the full picture.
Results you can trust
Safely exploit vulnerabilities so that real-world business impact can be demonstrated to all stake holders from board level to the development team.
The AppCheck tool is built and maintained by leading penetration testing experts and has been designed from the ground up to ensure unparalleled accuracy and detection rates.
What is Different About AppCheck?
Our proprietary scanning technology is built and maintained by leading penetration testing experts allowing us to understand how a penetration tester or attacker would explore a given application, utilising visual cues and ruling out equivalent instances of the attack surface if they have already been explored.
The AppCheck research team are constantly finding new vulnerabilities and AppCheck are authorised by the Common Vulnerabilities and Exposures (CVE) Program as a CVE Numbering Authority (CNA).
Support is provided by UK based Engineers. Support tickets are managed under constantly reviewed SLA’s, and can be viewed and managed online. We regularly manage and update our help content to help our customers get the best from our service.
All of the above help ensure you can trust our vulnerability scanning systems to keep your applications secure.
FEATURES
Vulnerability Scanner Features
The Dashboard presents a fully configurable view of your current security posture. From here you can track remediation progress, spot vulnerability trends and instantly see which areas of your environment are most at risk.
Whether you just want to run a quick scan or are a power user who needs ultimate control, AppCheck allows complete flexibility. Scans can be run in a few clicks using profiles built by our security experts or built from scratch using the profile editor.
Results can be exported as either a professional penetration testing report in Microsoft Word format or as a CSV file, with a single click. Results can also be exported in JSON format to allow easy integration with third-party tools.
The rescan feature allows individual vulnerabilities to be retested to determine if an applied remediation has been successful. Each rescan adopts a first principals approach to ensure all known methods of exploiting a given vulnerability are tested for. This ensures the applied fix is robust and cannot be bypassed by the attacker. Remediation process is tracked and presented graphically to give an instant view of remediation efforts across the team.
AppCheck includes a granular scheduling system to allow scans to run within a permitted scan window, automatically pausing and resuming based on the configured schedule. Each scan can be configured to automatically repeat to ensure continuous scanning so that you never miss a new vulnerability.
Vulnerability Scanning Services
Manage vulnerabilities easily
Due to their large and complex attack surface and the difficulty in ensuring they are secure, web applications continue to be a prime target in attacks for malicious hackers.
Web application scanning works by continually attempting to break into and compromise your applications in the same way that a hacker would in order to pinpoint any potential gaps in your security.
DAST (Dynamic Analysis Security Testing)
Dynamic Analysis Security Testing (DAST) is a vulnerability scanning method that exposes potential security issues on running web applications and services.
DAST works in the way a hacker would attempt to gain access or take advantage of flaws and insecurities within your applications. It works via an outside approach with no prior information of the application or code and searches for vulnerabilities.
Automated Penetration Testing
Automated Penetration Testing operates by simulating attacks on systems continually in order to discover potential vulnerabilities..
Automated testing is a cost-effective, complementary form of testing which can reduce the overall investment of vulnerability testing when combined with manual testing. By utilising both these techniques it can allow full coverage of your systems to maximise your security and protection against an attack.
External Vulnerability Scanning
External vulnerability scanners explore all of your potential weaknesses that a hacker would discover and inform you of how to resolve these before they can be exploited.
AppCheck combines open source intelligence gathering and a sophisticated browser based crawling engine to identify application components that could be vulnerable to attack, providing remediation advice with all findings.
Web API Security Scanning
Web API scanners such as AppCheck work by checking your APIs for common pitfalls and security issues that could be prone to attack. Rather than use a database of static signatures of known weaknesses, the AppCheck platform applies a rigorous test methodology to tease out even previously unknown weaknesses in the same way a hacker or penetration tester would..
Once considered a niche form of web interface used primarily within internal networks and screened data feeds, web APIs have seen explosive growth in recent years.
Single Page Application (SPA) Scanning
Single Page Applications (SPAs) require different security assessment techniques, a different mindset, and a different approach.
The AppCheck scanner has been developed by in-house, expert penetration testers. It can natively navigate, and contextually and intelligently scan, SPAs. It does so in the exact same, context-aware manner as a penetration testing expert would and using the same advanced and battle-tested methodologies.
Put us to the test.
Try AppCheck for free
Contact us or call us 0113 887 8380
