Web services are frequently used by organizations since they ease and improve the communication between network and web based devices and application. Yet, even though they are so popular they are overlooked, hence posing a security threat to the organization’s web environments.
Automatically crawl, scan and identify potential vulnerabilities in web services with Netsparker Web Application Security Scanner. Netsparker can scan WSDL 1.1, SOAP 1.1 and 1.2 web services.
Scanning a web service with Netsparker is as easy as scanning a web application; just point Netsparker to the WSDL link and click the Start Scan button.
Netsparker also automatically identifies web services within web applications, therefore when scanning a web application which contains a web service, Netsparker will automatically detect it and scan it while scanning the web application at the same time.
The WSDL files do not necessarily have to be online. You can import offline WSDL files from your disk to Netsparker and Netsparker will parse the imported WSDL file and automatically add the necessary SOAP requests to crawl it and scan it.
If web services are discovered during a web application vulnerability scan they will be reported in a knowledge base node. Read Scanning Web Services with Netsparker for more detailed information on web services scanning.