The Monitoring module in Cyber Safety offers different web app scan levels to allow you to control the depth of your scans. The appropriate scan level is determined by factors such as the complexity of your web app, the type/amount of data it processes, and the frequency of scanning you choose. More frequent scans are typically done with a lower scan level to avoid placing too much burden on your infrastructure.
Comparing Scan Levels
Lightning |
Normal | Log4j Only | |
Web page config (SSL encryption, HSTS, and cookie settings) | X | X | |
Basic web app vulnerabilities (XSS, SQL Injection) | X | ||
Deep HTTP request checking, using POST/PUT/DELETE/UPDATE methods | X | ||
Full payloads (dummy data used to simulate what an attacker might try) | X | ||
Log4j test | X | X |
Scan Level Details
- Lightning scans usually run in under a minute and check for SSL/TLS, HTTP headers and cookies attribute related vulnerabilities.
- Normal profile tests for all the vulnerabilities we support, with a larger set of payloads than the one used in the safe profile, for some tests. It also has no restrictions about which methods it uses.
- Log4j Only tests only for the log4j vulnerability discovered in early December 2021. For more information, see Testing for Log4j vulnerability in your websites or web apps.