Web Application Scanning

Find vulnerabilities in your web applications and APIs. 

KEY FEATURES

Find weaknesses where you are the most vulnerable

Automated and continuous scanning of web applications detects vulnerabilities related to bad code, misconfigured systems, weak passwords, and exposed system information and personal data.

icon-repeat-web-scanner
Automatic & continuous

Just in a month, there are thousands of new known vulnerabilities. Scheduled and continuous scans find new vulnerabilities fast.

icon-shield-web-scanner
Systematic & proactive

Our platform provides a great foundation for systematic and risk-based work with your cyber security defense.

icon-checklist-web-scanner
Risk-based

Don’t get lost by all the data. Our platform helps you understand what vulnerabilities to remediate first through a number of automated and simple tools.

icon-three-layer-web-scanner
Complete coverage

We cover every type of web application, public as well as local. Intranets, commercial websites, portals, and more.

VULNERABILITIES

OWASP top 10

Our web application scanner finds a wide range of vulnerabilities in your web applications.

  • Large number of common web application vulnerabilities.
  • OWASP top 10 vulnerabilities.
  • Several thousands of vulnerabilities in specific CMSs such as WordPress.
  • Vulnerabilities in REST APIs.

book-your-free-demo-picture-cta

COMPLIANCE

Meet existing & future compliance

Along with the growing threat picture, there are new legal requirements, standards, and certifications. We help you meet existing and future requirements. 

  • OWASP top 10
  • GDPR
  • PDPA
  • NIS 

 

Words from our customers

Icon-Quotation mark

We highly appreciate the responsiveness to what we as a municipality want to get out of the platform

In many cases coming up with solutions that have resulted in improvements and new functions to the product. Holm Security has listened when I have had opinions about the platform.

Testimonial-Huddinge Kommun

ARNE GÖRANSON, IT SECURITY MANAGER

Huddinge kommun

Icon-Quotation mark

We want to be relieved when monitoring vulnerabilities in our applications

It is impossible for us to always be up-to-date and have the expertise to recognize and solve all vulnerabilities. Holm Security supports us in being carefree.

Testimonial-Citaverde College

MARTIJN VAN HOORN, IT MANAGER

CITAVERDE COLLEGE

Icon-Quotation mark

Holm Security has helped us a lot with our challenges

We now know what is running within our terminals and their security status, providing a starting point for optimizing our IT even further. It strikes me positively how human-centric Holm Security is. I’m not just waived off with an email or ticket.

Testimonial-Alkion Terminals

PATRICK MAST, IT DIRECTOR

Alkion Terminals

how-can-we-help-you-picture-cta

TECH DETAILS

Features & functions

  • Detects a wide range of misconfigured and vulnerable web applications.
  • Detects faulty permission.
  • Scans local cloud infrastructure, such as AWS.
  • Detects outdated and vulnerable JavaScript components.
  • Detects the exposure of personal data, credit card numbers, and credentials.
  • Detects exposure of system information.
  • Authenticated scanning of web applications.
  • Notifications when SSL certificates are about to expire, have expired, or are vulnerable.
  • Automatically identifies web servers, programming languages, and databases.
  • Fuzz testing (detects if a web application behaves irrationally or unexpectedly).
  • Automatic update of vulnerability database.
  • High precision with a low number of false-positives.
  • Continuous Monitoring.
  • A wide range of integrations with systems like SIEM, CMDB, patch management, ticketing systems and, CI/CD.
  • SAML 2.0 Single Sign-On.
  • Role-Based Access Control (RBAC).
  • Full IPv6 support.

DISTRIBUTION OPTIONS

Cloud & on-premise – one technology

Our platform can be distributed in two ways. Safe and secure from several global datacenters as a cloud service, or installed within your own infrastructure as on-premise with local storage. You simply choose what distribution option that suits your organization best. 

icon-cloud-distribution
Cloud

Safe and secure management and storage in the cloud. Select what physical datacenter that suits you. Get started in just minutes. 

Read more

icon-distribution-on-prem
On-premise

Installed and operating within your own infrastructure, with local data storage. Automatic software and vulnerability test updates.

Read more

Administration

Centralized, powerful administration & orchestration

icon-shield-check-security-adminstration-web-scanning
Security Center

Security Center is our easy-to-use web-based control panel that gives comprehensive insights and helps you manage vulnerabilities. Through flexible dashboards and reports, you get a visual overview of current data, development over time, and more. Security Center supports Role-Based Access Control (RBAC).

 

Read more

icon-sitemap-organizer-web-scanning
Organizer

Organizer enables different people, groups of users, departments, or countries to be given isolated access to relevant vulnerability data while maintaining a centralized administration. Get the best of two worlds – decentralized management to engage your teams, while still having support for centralized management.

 

Read more

Tell us a bit about you and your business

To provide the best possible experience, we charge for more extensive trials and PoCs (Proof of Concepts).

GET STARTED

Let's create your free Web Application Scanning trial account

  • Find weaknesses where you are the most vulnerable
    Find vulnerabilities in your web applications and APIs. Detect vulnerabilities related to bad code, misconfigured systems, weak passwords, exposed system information, and personal data.
  • Improve your security posture
    We find OWASP top 10 vulnerabilities, misconfigurations, weak passwords, and exposed system information and personal data – in all types of applications.
  • Meet existing & future compliance
    Strengthen your cyber security defense and comply with new laws and recommendations. Detect vulnerabilities in web applications that hold or are related to personal data.

GartnerPeerInsightsLogo_onlight_RGB_2000px_72dpi

 

Read what our customers say about us

PRICING

Request pricing

There are no modules or options - everything is included. The actual cost depends on the scope of the agreement and contract length.

Web Application Scanning

Starting at

EUR

17,85

EUR

$21,75 USD / web application

Monthly price based on 25 web applications.

Request pricing information
  • All features & functions included
  • Unlimited number of scans
  • Qualified local support

FAQ

Here we answer the most frequent questions about Web Application Scanning.

Do you scan all type of web applications?

Yes, we scan all type of web applications, such as commercial websites, intranets, portals, admin interfaces and more. 

Do you scan for OWASP top 10 vulnerabilities? 

Yes, we scan for OWASP top 10 vulnerabilities according to the latest version, 2017.

Do you support authenticated scanning?

Yes, we support both authenticated and unauthenticated scanning. With authenticated scanning we scan the “inside” of your applications.

How long does it take to get started?

It only takes a few hours to get started with our powerful and easy-to-manage platform. Contact us and we will help you get started today.

What scan technology is used?

Our web application scanner is based on DAST (Dynamic Application Security Testing) and SCA (Software Composition Analysis). This means that we find vulnerabilities in the running application and in components used like WordPress and JavaScript libraries.

Is there any software or hardware required? 

No, using Holm Security VMP | Cloud doesn’t require any software or hardware. But for local scanning, you need to install one or multiple Scanner Appliances, which is a virtual appliance. When using Holm Security VMP | OnPrem you will need to install minimum of two virtual instances. One Core Appliance and one Scanner Appliance.