OUR APPROACH TO VULNERABILITY SCANNING

AppCheck was designed from the ground up to emulate the process of a professional penetration tester to ensure maximum coverage and accuracy

AppCheck takes a first principles approach to application vulnerability detection, and therefore is not bound to any platform or signature database.

Rather than use a database of static signatures, AppCheck approaches each test in the same way a hacker or penetration tester would and applies a testing methodology. The vast majority of application security flaws, such as SQL Injection and Cross-Site Scripting arise from insecure processing of input supplied by the client. AppCheck adopts a first principals approach when testing each input by examining the original expected value and the servers response when the value is modified. By adopting this methodology, AppCheck is able to determine how data may be being processed by the server and can then dynamically evolve each test to identify vulnerabilities. This approach results in more accurate testing and allows AppCheck to identify security flaws that may be masked by security filters and Intrusion Prevention Systems (IPS), but could still be exploited by a real-world attacker.

Crawling and content discovery crawling

The AppCheck crawling engine uses a combination of application modelling techniques and subtle heuristical cues to automatically discover the complete attack surface of any given application in the shortest time possible. The algorithms are designed to model how a penetration tester or attacker would explore the application, utilising visual cues and ruling out equivalent instances of the attack surface if they have already been explored.

All of this means that for each target discovered we know its state at discovery and how to re-create that state to later attack it; and because the scanner is behaving in a more human way, it opens up attack vectors that are inaccessible to less sophisticated crawlers.

How our intelligent crawling works

Identify identical components

An ecommerce application may have several thousand product pages, with each one implementing the same code path within the application. AppCheck identifies these cases and avoids wasting time on identical components.

Identify & replicate behaviour

The application may have components that need to be accessed in a specific sequence, for example, navigating from a product page through a shopping basket flow. AppCheck is able to identify this behaviour and ensure the complete process is followed for each vulnerability check.

Choose a layer to explore

Open source intelligence gathering

Whilst the AppCheck crawling engine does an excellent job of enumerating the visible attack surface, it can sometimes be the hidden components that are the Achilles’ heel.

Temporary components such as micro-sites and marketing landing pages can become forgotten and unmaintained. These no-longer linked components may hide a critical security flaw and therefore it is important we test every component an attacker may target. AppCheck queries search engines such as Google and other online indexing services to gather a list of URLS both past and present to factor into the attack discovery phase.

Our approach to testing

Web Application scans can be started in just a few seconds by entering a list of URLs into the AppCheck user interface and either selecting one of our extensive pre-configured profiles or by building your own scan configuration. Once started, AppCheck combines open source intelligence gathering and a sophisticated browser based crawling engine to identify application components that could be vulnerable to attack.

Put us to the test.
Try AppCheck for free

No software to download or install.
Contact us or call us 0113 887 8380

Get in touch

Start your free trial

Your details
IP Addresses
URLs