With Dynamic Reviewer Light-PenTest module, you can inspect your web application during running, directly using your Browser.
...
Web App on premise. It is using our own Core Engine.
Cloud. Our Web App offered in an high-performance European or American Secured Cloud Infrastructure
Its special lightweight PenTest features, allowing to explore vulnerabilities in your Web Applications at the same time to keeping the software securely in your own hands, at your premises. No need of Backups before PenTest, we guarantee our tool will keep your system and database integrity.
...
You can import third-party Security Scanners results. They will be correlated automatically.
Dynamic Reviewer DAST provides a robust and stable framework for Web Application Security Testing, suitable for all Security Analysts, QA and Developers with False Positives and False Negatives support. It is designed for built over an optimum mix of Manual and Automated Testing and allows designing customised penetration tests, offering an easy-to-use GUI and advanced Scan capabilities.
...
Suppress a Finding Category (example: all Blind SQL Injection issues)
Suppress one or more Findings inside a Category
Add Comments to the entire scan, to a Finding Category, to a single Finding
Modify, Delete, change Severity tag, Merge Findings
Import Results from third-party tools
Export Combined Results in PDF, HTML, JSON, CSV, Excel and Word format
Add Evidences to the Findings
Security Scanners
Dynamic Reviewer provides its own Security Scan Engine, but you can also add results coming from third-party Security Scanners, both commercial and open source, in order to cover posssible False Negatives. Each Security Scanner makes different fields available.
In order to be able to combine output from multiple tools, our Plugin Manager lets you map between the fields provided by each Security Scanner and those you care about for your report.
...
We currently support the following a number of 3rd-party Security Scanners:
Acunetix (Commercial)
AppScan (Commercial)
Arachni (Commercial)
Burp (Commercial)
CORE Impact (Commercial)
Invicti, formerly NetSparker (Commercial)
AppSpider, formerly NTO Spider (Commercial)
Nexpose (Commercial)
Qualys (Commercial)
Retina (Commercial)
Saint (Commercial)
SureCheck (Commercial)
It is up to you .
It is up to you to purchase and manage the required Security Scanner’s License in case of you are using a Commercial Product.
...
Team Collaboration
Being powered by Dradis FrameworkTeam Reviewer, with Dynamic Reviewer you can:
Share a common view of the entire project so that the team can work together towards a common goal:
Each person can work on a different project or as part of a team. Changes made by any member of the team are automatically pushed to all the others:
...
Going offsite or offline with Dynamic Reviewer doesn't mean out of sync. Project import and export make it easy to sync up when you return:
...
Compare different versions of the Issues in your project. Use the line-by-line breakdown to quickly see what was changed:
...
With our auto-tracking feature, you’ll always know who did what with timestamps for each activity:
...
Get warned if someone else modifies the content you were working on. Take comfort in knowing that you're always working with the latest version of the project:
...
Always know what has been covered and what is still ahead - and never forget any steps:
...
Use one of these methodologies to ensure consistent results: OSSTMM v3, OWASP Top 10, SANS SWAT checklist, OWASP web testing v4:
...
Our built-in methodology editor makes maintaining and updating your methodologies simple and straightforward:
...
Our flexible systems lets you use different methodologies for different phases of the project:
...
Our Security Scan Engine
Main features:
...
DISCLAIMER: Due we make use of open source components (w3af, pWeb, dradis, wXf, OSVDB), we do not sell the product, but we offer a yearly subscription-based Commercial Support to selected Customers, plus our Commercial Security Scanner.
COPYRIGHT (C) 2014-2022 SECURITY REVIEWER SRL. ALL RIGHTS RESERVED.