Monday, July 9, 2018

Managed Web Application Scans

Nullable Security is proud to announce that we are now offering Managed Web Application Scans!

This is a recurring service to help our customers maintain a baseline of web application security hygiene. We perform an automated scan of your application to look for common vulnerabilities, and provide you with a concise report of the issues found and how they can be remediated. Our scanners are a combination of our proprietary scanners with industry-standard, free and open-source application vulnerability discovery tools. All aggregated to give you a good understanding of common vulnerabilities that may impact your product. Our testing methodology is thorough enough to satisfy PCI DSS 6.5 & 6.6 web security scanning requirements. The process of on-boarding a web application to managed application scans goes something like this:

  1. Planning - We sit down with you to develop a vulnerability testing strategy and interval
  2. Setup - A production-representative test environment is spun up for us
  3. Testing - Security testing is performed as outlined in the Planning phase
  4. Reporting - Finding reports are generated and sent out to the customer


Nullable tailors all of its tests to our clients specific needs. Each one of our scans is unique, but automated. Our vulnerability scanning tooling can work with web applications written in,

  • Server Side: Java, C#, Python, Rust, Golang, Ruby
  • Client Side: HTML / CSS / JavaScript


We prefer to run our security testing on a set of test infrastructure that is exactly representative of the production infrastructure. Testing in production can be done, but the first few tests should be closely monitored for application stability. 


Our tools and testers also understand the security implications of more complex web development paradigms such as WebSockets, AJAX, and HTML5. The testing techniques and tools will dive deep enough for you to feel confident in your application security posture. We cover all of the OWASP Top 10, and then some. Some, but not all, of our tests include:

  • SQL, PHP, Perl, Ruby, Python, CSS, ... Code Injection
  • OS Command Injection
  • File Path Traversal
  • XML External Entity, LDAP, XPATH Injection
  • Server-Side Include
  • Cross-Site Scripting (DOM, Reflected, Stored)
  • WebSocket Hijacking
  • Flash, Silverlight Cross-Domain Policy
  • Cross-Site Request Forgery
  • SMTP Header Injection
  • TLS Cryptography Audit
  • Session Token Mishandling
  • File Upload Abuse
  • Sensitive Information Disclosure
  • Confused Deputy Issues
  • Mixed Content Issues


The reporting phase is one we're always evolving to ensure that the most clear picture of the applications security posture is communicated to the customer. Our reports are aggregations of highly automated scans, and vulnerabilities are ranked by severity. There is no manual verification of the contents of the report, but we do offer this as an additional service. This report will act as a remediation guide, and will help your development teams to find and fix the issues discovered in the Testing phase. The vulnerability report is Nullable's key deliverable to our customer.


Our pricing structure is very straight forward, and highly affordable. We charge per-absolute URL scanned. This includes both web APIs and HTML pages. Our spiders will look for all available inputs into that URL, and will perform 100+ (on average) security tests against it. Most medium complexity web applications will have about 20 to 100 absolute URLs. Subscriptions for larger customers are available by request.

 $10 / URL / Scan 

Why trust Nullable Security? We are a boutique application security firm with founders who have decades of software engineering and security experience. We've performed security services for two-person startups, all the way up to Fortune 10 conglomerates. We are licensed, insured, and mutual NDAs are available. Nullable knows that everyones' business is their own baby, and we want to work with you to protect your assets.