NTOSpider On-Demand (SaaS solution) is a highly accurate and scalable solution that enables organizations to quickly scan web applications without purchasing, installing and monitoring scanning software. By using NTOSpider On-Demand, you can free your security organization to focus on the things that require internal expertise and analysis.

Overview & Features

Quick

NTOSpider On-Demand provides a responsive and scalable security solution with the ability to scan and report on thousands of application vulnerabilities within a short duration of time based on your immediate needs.

Easy

Users interact with a SaaS version of NTOEnterprise to initiate, schedule and configure application scans through a simple user interface. On-Demand scans can be scheduled to run at regular monthly or quarterly intervals to provide ongoing monitoring of your organization’s application security issues. NTOSpider On-Demand’s GUI interface enables you to easily review in progress scans, recent scans, configuration settings, currently scheduled and configure application scans through a simple user interface.

Centralized

NTOSpider On-Demand gives you centralized control and automation over all aspects of your enterprise web application scanning.

Continuous Scanning

Users can leverage NTOSpider On-Demand’s continuous scanning feature that checks web applications to see if they have changed and then rescans them. Security teams no longer have to worry that an undocumented application change has created an unknown exposure.

Scalable

NTOSpider On-Demand quickly scales to address your needs whether you have hundreds or thousands of applications. Not only, does NTOSpider On-Demand have the ability to run an unlimited number of simultaneous scans, but it is also able to automatically create new scan engines to handle increased workloads.

Sophisticated & Accurate (For Website Version)

NTOSpider On-Demand leverages NTOSpider’s unmatched sophisticated accurate scanning technology. You will spend a lot less time configuring the scanner and training it to understand your application while having the utmost confidence that the results will have the best false positive and false negative rates available. Click Here for more information about NTOSpider.

How It Works

NTOSpider can be customized to meet your business requirements. This can include a dedicated scanner appliance in your environment that can access and test your critical internal applications. Additionally, our services team can be leveraged to augment automated assessments with additional services that include the following:

Initiate Application Assessment

  • Select target apps
  • Provide authentication and authorization credentials
  • Approve start time

Configure & Execute Assessment

  • Best of breed web application scanner NTOSpider
  • Vulnerability Validation Service – All findings are confirmed for accuracy*
  • Business Process tested manually*

*with enhanced services option

Conduct Regular Re-Checks

  • Scheduled and automated at regula intervals (quarterly, monthly, or as needed on-demand)
  • Leverages NTOSpider
  • Review of vulnerability findings for confirmed accuracy
Enhanced Services Options

NTOLabs professional services team can be leveraged to extend your security organization and provide expert level application security test and enhanced services options. Our team can be leveraged to:

  • Augment the automated scan process with deeper testing
  • Testing the branches of business logic in your application that require manual testing
  • Confirm findings to further reduce the time required by your organization’s development team to remediate the identified vulnerabilities

The following packages are available in conjunction with NTOSpider On-Demand.

Level
Automated Scan & Re-Scan
Vulnerability Validation Service
Manual Pen Testing
Business Logic Testing
1
X
2
X
X
3
X
X
X
X
4
X
X
X
X

Scans can be scheduled either annually, quarterly, monthly or using Continuous Scanning.

Plan, manage, control and measure
thousands of application scans.

NTOSpider On-Demand Architecture
NTOSpider On-Demand with NTOCloud scan engines sit on the internet and scan all of your external facing applications.
Data Sheet