Nemesida WAF includes the Nemesida Scanner module, which is designed to detect vulnerabilities and access critical data of a protected web application.
Using the security scanner allows you to identify the vulnerabilities of the web application and notify the owner of the resource. In the context of protecting a web application, the identified vulnerabilities will be additionally protected by virtual patching rules.
Nemesida Scanner identifies the following types of vulnerabilities:
- SQLi, XSS, LFI;
- Using components with known vulnerabilities;
- Critical data in the public domain.
The scan results are available in the Nemesida WAF Cabinet.