Take part in public testing of Positive Technologies' service for finding vulnerabilities on websites
Positive Technologies invites Habr users to participate in the final stage of public testing of PT BlackBox Scanner, a free online service for finding vulnerabilities in web applications.
What it is
The PT BlackBox Scanner (BBS) service is designed for everyone interested in protecting web applications, from ordinary site owners to companies and experts who test the security of their clients' sites.
The tool is easy to use: it takes only a couple of clicks to get a detailed report on the vulnerabilities found and recommendations for correcting them. The service is available even for sites located on the local network.
To prevent anonymous misuse of the service, PT BlackBox Scanner requires proof of ownership of the site: the user needs to upload a special HTML file to the site's root directory. Another way to work with PT BlackBox Scanner is to use a special agent program that you download: it runs on the user's computer and tunnels all scan requests through that computer to the scanned site.
The first stage of public testing of the service started in the spring of 2017. Since then we have collected feedback, and as a result many improvements have appeared in the product. Here are the most important ones:
- scan speed increased up to 10 times,
- maximally safe scanning that does not harm the site,
- the ability to scan sites that sit behind authorization (HTTP and form-based),
- accurate detection of vulnerabilities in popular CMSs (WordPress, Drupal and Joomla) and their plugins using black-box and white-box methods,
- detection of not only vulnerabilities but also non-security errors.
These improvements to PT BlackBox Scanner became possible thanks to the active work of the beta testers, and we hope that together we can make the product even better and more useful.
How to participate in testing
The second stage of public testing is now under way. Taking part is very simple: follow the link bbs.ptsecurity.com/ru, use BBS to scan websites, and then describe your impressions. Feedback can be in any format, from an e-mail with your comments to a review on your blog. Send your comments to firstname.lastname@example.org or fill out a special questionnaire.
We will give our branded backpacks or inflatable loungers to the authors of the most useful feedback and public reviews.