NT OBJECTives has updated its NTOSpider web application scanner. The latest version introduces automated security testing for complex application workflows.
The solution enables organizations to automatically test even shopping carts and registration sequences, providing a higher degree of accuracy and scalability.
Testing a complex application workflow is tricky, and if it’s not done properly, critical vulnerabilities can go undetected.
Many automated application scanners attack various steps of a complex workflow randomly. However, this way they might miss some security holes. NTOSpider, on the other hand, properly respects the order of the workflow to ensure that no flaws are missed.
“Until now, the only way to accurately test a complex application workflow like shopping cart or invoice processing has been manually. If it takes a tester 16 hours to test a complex workflow by hand and that organization has 20 applications with complex workflows, that can add up to over a month of testing,” noted Dan Kuykendall, co-CEO and CTO of NT OBJECTives.
“When you’re a global organization, with hundreds or thousands of applications, and you need to do quarterly web application security assessments, testing by hand just doesn’t scale, vulnerabilities end up being missed or applications are not tested at all,” he explained.