— security headers;
— CORS configuration;
— available HTTP methods.
In addition to analysis reports, you get brief recommendations to boost your Web Application security.
who benefits from this tool
- A one-time or regular perimeter scans for open ports
- Compare launch results
- Get scan reports
- Continuous monitoring of all externally accessible perimeter ports
- Detection of improper software usage
- Reducing business risks associated with illegitimate access to company infrastructure (data theft, stopping business processes, etc.)
HOW IT WORKS
To use the Perimeter Scanner, just register on the Def.Zone portal and confirm that you will scan your own resources.
To do this, specify your company information and the targets of the scan (IP addresses, subnets or domains). The data will be confirmed within a day, and you will be able to work with the scanner.
The final report will show information about open ports and the software that uses these ports.
Also, the scan results will tell you which infrastructure elements are misconfigured. For example, the port which should be used for the website by default, is open to the Database Management System — this makes it difficult for customers to work with the website, and the company data becomes accessible to all Internet users.
This procedure will help tidy up the perimeter: close ports that should not be open, remove suspicious or unused software.
Set up a scheduled for automatic scans and monitor the results.
A clear comparison of the scan results will allow you to quickly identify changes in the infrastructure and respond to them.