Scan single page applications (SPAs)
Single page applications are a recent web innovation that has made it possible to provide end users with snappy, responsive experiences without slow and annoying page reloads. Despite their increased presence on the web, many legacy application scanners have difficulty crawling these types of web apps, since they don't utilize a traditional HTML sitemap. InsightAppSec has been designed to automatically crawl and attack SPAs, providing coverage where other solutions can't.
Assess modern web applications
Web applications have come a long way from the static HTML and Perl scripts that drove version 1.0 of the web. Web apps today are built with modern Javascript frameworks, REST APIs, and microservices. But getting reliable results from a DAST scan of modern web apps shouldn't be (but often is) a challenge. InsightAppSec provides support and coverage of modern web technologies to save security and DevOps teams time and resources normally spent training and tuning scans—right out of the box.
Extend coverage
Modern web applications today are complex, and not all can be comprehensively scanned without some configuration. For example, application areas behind multi-step login sequences that include a CAPTCHA challenge. For this reason, InsightAppSec supports multiple means to enhance coverage programmatically, through recorded macros, Selenium test scripts, Swagger REST API definitions, and traffic recordings. With the flexibility provided by these options, InsightAppSec ensures your scans generate accurate results.
Keep pace with the modern web
Web technologies continue to evolve at a high velocity. Thus, your DAST solution should be architected to be future-proof. InsightAppSec's Universal Translator logically separates the crawl and attack engines used in a DAST scan, allowing for easy and frequent updates to one engine—such as new attacks and new input types—without breaking functionality in the other.