Blog

Websecurify 1.0.2 for Windows and Mac has Arrived

Websecurify 1.0.2 is by far the best version ever released. It is feature-packed yet easy to use, and faster than anything else.

As they say, "the devil is in the details", and this version is all about that. A lot of things have been taken care of in order to create a functional and fast web application security scanner with the best possible user experience. Websecurify on Mac looks gorgeous and it is really fast, but wait until you see Websecurify for Windows. It will change your perception of what security products should be all about.

From the click on the application icon to the first application screen it takes no more than a moment. This is very different from those pesky, never-ending splash screens which we are all acquainted with from other products. The target location box is all you need to start a scan with zero configuration. It has all been taken care of for you by default. However, if you feel adventurous you can always fire up the side browser, which will allow you to pinpoint hot areas for further testing or exclusion. You simply don't need to fiddle with regular expressions or string matching constants, which are not only difficult to use but also error-prone and very inefficient. It has all been taken care of for you.

After a lot of time spent in the lab searching for the best features we can put in a product that we love, we think we have found the best way to do reporting. Reports are generated on the fly. You simply don't need to wait until the end to find out what is going on. You can easily filter issues by severity or features with just a single click. Websecurify can not only show you the details of each found issue but also, where possible, take a screenshot as proof. There is no other web application security tool out there that does this. Each report is exportable in various formats designed to be easily embedded into your own custom reporting templates. We simply do not support the idea of closed loop marketing by embedding our brand everywhere possible. If you are looking for in-depth information about each issue, we even provide JSON and XML reports which contain details about the reported items broken down to the individual components. This is very powerful and can be used to simplify your life and save you a lot of time and a great deal of stress by implementing your own custom automation workflow.

Last but not least, Websecurify 1.0.2 is a good fit for a wide range of uses and available to everyone: from the experts to the casual users. We have priced the product fairly, and in fact more fairly than all of our competitors. There is no feature locking. We think it is silly to lock the product to scan only 1-3 web sites and then ask for more cash to unlock the full version as our competitors do. Websecurify is revolutionary in that way. However, what is even more revolutionary is that you are not tied to annual renewal fees. When you buy a major version it is yours to keep and use to test as many web applications as you need. To make it even better, we have even automated the payment process so you can enjoy your version a few moments after purchase. It is as simple as that, and we will keep your version up to date via our online update mechanism, which you can switch off if you don't need it.

So enjoy it and let us hear if you have any comments, suggestions, feedback, bugs or just things that annoy you. Our commitment is to make the best web application security tool out there.

A Collage of Websecurify's Evolution

This is essentially a collage of all pictures from Picasa which we use for this blog. What I find interesting is the story that the picture tells. It really shows the many incarnations of the product and how much effort has been put into it to make it what it is today.

Stay tuned for the next major incarnation.

Websecurify's Debut on iTunes and Mac App Stores

Although Websecurify has been officially available on the Mac App Store for several days now and for more than a month on the iTunes App Store, it is about time to announce it publicly here. It is true. Websecurify is now the premium web application security testing tool for Mac. It is one of a kind and proud to carry the title of being "the first and only".

The Mac App Store Version is full of awesome improvements incorporated in style and simplicity throughout the entire application. Some of the key features include:

  • Fully integrated browser which allows fine-tuning of even some of the most demanding applications today.
  • Adjustable test scope. For more information, see the Wiki page here.
  • The ability to not only run several tests at the same time but also work on multiple projects concurrently.
  • Smart reporting system which removes duplicate issues on the fly.
  • Powerful and quickly accessible report filters to sift through complex tests with numerous issues.
  • Vulnerability snapshots. What is a security report without the technical details? You get not only the exact details about each vulnerability but also helpful screenshots illustrating the problem in full.
  • Several built-in reporting mechanisms which allow detailed exporting to multiple formats including CSV, XML, JSON, HTML and RTF. HTML and RTF reports include screenshots which can be easily copied into your own custom reports.
  • New and improved testing engine which now detects more issues than ever before in a fast and concise way.
  • Absolutely gorgeous user interface in every single way.

There are some awesome improvements for the iTunes App Store (iPhone) version planned to be released in the upcoming weeks. Here they are:

  • The ability to email reports even when they are not fully completed. This is a huge win especially when you want to report an issue as soon as you find it.
  • Brand new testing engine with numerous improvements all over the place.
  • Faster test cycles. On some medium-size applications it is possible to complete a full test in just a few minutes.

Needless to say, this is just the start of a very exciting future in which we want to make a mark in our own unique way. We would like to use the opportunity to thank our beta testers and everyone who helped us to get to this stage. You are rock stars and you know it.

Websecurify 0.9 is Out

Websecurify 0.9 is now out of our workshop and you can download it from the usual place.

In this release we went back to the basics and reengineered everything from scratch and made it 10 times better. In the process we even managed to create a version which can run on most modern mobile devices although at the moment we only support the iPhone.

Websecurify 0.9 is de facto not only the first web application security testing software ever created for iOS, Android, Blackberry and others, but it is also the very first fully functional integrated web application security testing solution which can run straight from your web browser. This release is perhaps one of the most cross-platform software solutions you will encounter today and we are proud to be the first to do it, putting our orange flag in the history books forever.

However, this is not all... far from it. For the upcoming months we have prepared even more surprises for our loyal fans and supporters. We are planning to completely change everything and make the dent, created by Websecurify, even bigger.

Enjoy this release and if you have a few spare moments tell us what you think and how we can help you even further.

Websecurify Mobile Beta Test Starts Today

The public beta test of Websecurify Mobile Alpha1 starts today. The WS Dev team would like to personally say "Thank You" to all beta testers who have signed up in the last couple of days. By now you should have received an email with instructions on how to participate.

As usually happens, there is already a service out there which lifts some kind of burden from your chest. In our case that is TestFlight, which will be helping us deal with the provisioning profile mess during the beta test stages.

If you haven't signed up yet, you can do so here. You can also use the TestFlight recruitment page over here.

Websecurify for the iPhone Preview

This is a quick preview of Websecurify running on the iPhone. Keep in mind that the application runs natively and uses the device's own resources to perform the test.


We are still looking for beta testers. If you have an Apple device and you are willing to try Websecurify please fill in the form provided here. Thanks in advance.

Websecurify for the iPhone

The multi-platform support is perhaps the most advantageous feature of Websecurify 0.9. Our testing engine is not only capable of handling even the most resource-demanding applications but can also run smoothly on mobile devices such as the iPhone.


We are essentially in the final stages of development of the Websecurify Mobile edition. At the moment the user interface is simple, solid and fully functional. The mobile testing engine is fully functional inside the iPhone although we are going to make some drastic improvements to reduce testing time on complex applications.

Needless to say, we need beta testers. So, if you own an iPhone and you are willing to try Websecurify, please fill in your details here and we will get back to you with instructions.

Thanks.

Try Websecurify Scanner 0.9Alpha1

Websecurify Scanner 0.9Alpha1 is now available for download from the usual place.


This release contains numerous improvements including but not limited to:
  • Our multi-platform testing engine available for JavaScript, Java, Objective-C, and C
  • Simplified and more intuitive user interface
  • Better and simpler extension technology
  • Generally faster and more memory-efficient tasks
Keep in mind that this is still an Alpha. More features and general improvements are expected in the final release.

Websecurify Scanner 0.9Alpha1

The Websecurify Scanner 0.9Alpha1 is under heavy development. While we are pleased with the results, there is so much more to do.


Some of the main features so far are listed below:
  • The basic/default scanner is smarter, faster, lighter and more selective - this means that some types of applications, in particular those which have a lot of pages, will be scanned in a fraction of the time it takes when testing with Websecurify 0.8.
  • The scanning technology is memory efficient and the memory storage is swappable - while the scanner should be able to handle most applications within a reasonable amount of memory, if needed we can quickly introduce other storage mechanisms depending on the situation and as such scale the scanning technology as much as required.
  • Everything is configurable - while we may not expose all scanning features and options in the default installation, it is certainly possible to configure a lot of aspects of how the testing engine works. This is the reason why 0.9 will provide different types of scans which are optimised for the particular task. For example, a scan against a blog is very different from a scan against Sharepoint. The templates not only provide pre-built settings but also different testing engines specifically optimised for the target technology.
These are the main features so far. More features are coming up very soon plus the first alpha release should be available for download in the following weeks.

Latest Developments

If you are wondering what is happening to Websecurify, well... we are working really hard to get 0.9 out of the door. So, hopefully you will be able to see the first alpha in the following weeks.


Many improvements should be expected in 0.9, but the most important ones are related to stability and speed. One of the key improvements around the testing engine is the balance between the types of tests we typically want to perform and the quality, dictating that we won't miss important vulnerabilities but at the same time ensuring the test completes within reasonable time and in the most efficient way.

As you can see from the screenshot above, we have also reengineered the entire UI. Now the main window is lighter and everything should feel very easy and fast.

As usual, feedback is always welcome.