2018-03-28T12:05:00Z

What needs improvement with Netsparker Web Application Security Scanner?


Please share with the community what you think needs improvement with Netsparker Web Application Security Scanner.

What are its weaknesses? What would you like to see changed in a future version?

Guest
55 Answers

Top 5, Real User

Improvement could be made in the area of production. Features like macro recording that I've used in other solutions would improve this product. Recording macros for complex applications, especially web applications where there is a complex web application for login or logout format. We could record the macro for login to make a dynamic scanning process, which makes it easier to scan methodology. We need to be able to record the macro. I think a feature like that would add a lot to the solution.

2020-05-10T08:06:04Z
Top 10, Real User

The proxy review, the use report views, the current use tool and the subset requests need some improvement. It was hard to understand how to use them.

2019-11-14T06:33:00Z
Real User

The program uses technology that is different from application scanners. It's not an incremental solution. It could be a new product, but I'm not knowledgeable enough to know which products are part of a suite. Netsparker doesn't provide the source code of the static application security testing. I would love to see a completion of the offering with statistical analysis. Every customer has its own nuance, so I don't think it's really an issue when it comes to the user interface. Every customer has something that they would like different because they're used to something different. In my opinion, there is not very much to mention besides changing as little as possible. Something that Microsoft often does is to change things with every release, and users don't like that. I would also like to see the price being at least 20% cheaper because the market is currently very crowded and there are many vendors and clients. A lower price will get more sales.

2019-08-21T06:36:00Z
Top 5, Leaderboard, Real User

The scanner itself should be improved because it is a little bit slow. CPU usage should be improved due to my PC's fan going mad. RAM usage should be improved as well. The attacker part of the scanner should be more fluid and faster. There should be some option to tune up the scan, like throttling requests or using some WAF/IDS/IPS bypass technique. It needs more than what is currently in the Advanced Options. The passive analyzer for some vulnerabilities should be improved, as it doesn't get all vulnerabilities. It should also be more efficient. The scanner should also use some cool techniques to inject payloads, like replacing the entire body and Content-Type header (like for XML input).

2019-07-10T12:07:00Z
Real User

Perhaps the custom attack preparation screen might be improved. Also, they can implement mobile penetration testing support for manual and automated tests.

2018-03-28T12:05:00Z
Find out what your peers are saying about Netsparker, Acunetix, PortSwigger and others in Application Security. Updated: October 2020.