Web Vulnerability Scanning System

Simulates website visitor

Pro-actively identifies
unexpected vulnerabilities


Web Vulnerability Scanning System provides actionable analysis and reporting with an easy-to-read,
prioritized remediation plan to improve the security of your websites.


NSFOCUS understands how critical your web servers and applications are to your business and we have designed a closed-loop web application security solution to protect you from web attacks, data breaches and downtime. This solution includes website protection through our Web Application Firewall (WAF) and pro-active vulnerability assessment using our Web Vulnerability Scanning System (WVSS).


Features and Benefits


Accurate Analysis Using the Latest Threat Intelligence

The NSFOCUS WVSS uses OWASP and WASC vulnerability templates and forensic scanning technology to locate and prioritize dangerous vulnerabilities. It is kept up to date using the latest web threat intelligence and automatically recognizes Ajax, Flash, Javascript, Web 2.0 applications and more.

High Performance Scanning

The NSFOCUS WVSS can easily scan over 100,000 pages per day because it is optimized to operate on large-scale web infrastructures by incorporating next gen technologies including intelligent page crawling, proxy caching, URL-level load balancing and automatically adapting speed based on bandwidth settings and consumption.

Local or Cloud-Delivered Vulnerability Assessment

The WVSS can be installed locally as a network appliance or delivered as a cloud service (coming Q3 2016) to support a wide range of compliance and security requirements.

Closed-Loop Security Through Integration With the NSFOCUS WAF

The results of WVSS scanning and analysis can be used to automate the configuration of the NSFOCUS WAF. The findings of WVSS can be input into the WAF to generate a “smart patch” to provide closed–loop detection and defense for your websites. This closed-loop system ensures the best, timely protection possible and reduces operational expenses by simplifying the configuration of your web application defenses.