Nemesida WAF includes the Nemesida Scanner module, which is designed to detect vulnerabilities and access critical data of a protected web application.

Using the security scanner allows you to identify the vulnerabilities of the web application and notify the owner of the resource. In the context of protecting a web application, the identified vulnerabilities will be additionally protected by virtual patching rules.

Nemesida Scanner identifies the following types of vulnerabilities:

  • SQLi, XSS, LFI;
  • Using components with known vulnerabilities;
  • Critical data in the public domain.

The scan results are available in the Nemesida WAF Cabinet.