SandCat version 3.07 released

Sandcat allows web administrators to perform aggressive and comprehensive scans of an organization’s web server to isolate vulnerabilities and identify security holes. The Sandcat scanner requires basic inputs such as host names, start URLs and port numbers to scan a complete web site and test all the web applications for security vulnerabilities

Provides more than 30,000 security checks for all leading web server platforms

  • a target server can be local or remote
  • Scans for SANS Top Twenty vulnerabilities (C3)
  • Allows to specifically scan for SANS Top 20 vulnerabilities
  • Allows to perform destructive and non-destructive scans
  • Tests intrusion detection systems (Syhunt Sandcat Scanner was recently used to test the detection capabilities of a few appliances.
  • Supports OSVDB, NVD and CVE
  • Supports multithreaded scanning of web servers, with a configurable number of parallel requests
  • Automatically discovers and analyzes the server’s configuration to determine which tests are needed
  • Includes a Baseline Security Scanner — ensures security against outdated server software

Vulnerability database update
This month added checks.

Post scriptum

Compliance Mandates

  • Application Scanner :

    PCI/DSS 6.3, SOX A12.4, GLBA 16 CFR 314.4(b) and (2), HIPAA 164.308(a)(1)(i), FISMA RA-5, SA-11, SI-2, ISO 27001/27002 12.6, 15.2.2

  • Vulnerability Scanner :

    PCI DSS 11.2, 6.6, SOX A13.3, GLBA 16CFR Part 314.4(c), HIPAA 164.308(a)(8), FISMA RA-5, SI-2, ISO 27001-27002 12.6, 15.2.2


Related Articles

Application Scanner
SandCat
Vulnerability Scanner