Indusface WAS Reviews & Product Details

What I like about the WAS platform is that it combines EASM + PTaaS and provides Risk based Vulnerability scoring for all the vulnerabilities. Review collected by and hosted on G2.com.

The product's main impact is whether it performs scanning properly and shows the information. It does things well on that front, so I have no complaints. Review collected by and hosted on G2.com.

We opted for both manual VAPT and automated WAS Scan. CERT-In empaneled Indusface platform was quite accomodative to provide custom solution based on our use case.

We had two applications reviewed and scanned by the Indusface platform: a frontend and a backend application. After providing complete KT to the Indusface Team, they quickly configured their systems to setup the scans.

Manual Scan (VAPT): Indusface team thoroughly tested out all the APIs and provided their observations within 2 weeks. Team provided support in fixing the observations as well. Overall within 3-4 weeks, we were given the self-host certificate and VAPT report.

Automated Scan: On Indusface platform, daily auto-scans run which tests for any vulnerabilities on our website and lets us know in real time if anything needs to be fixed. Review collected by and hosted on G2.com.

Nothing major but a couple of UX improvements. Review collected by and hosted on G2.com.

The tool and pen testing we got done with from them helped us with our security accreditation and audit processes. Review collected by and hosted on G2.com.

Not something of which I can think at the moment. The tool and team have been helpful. Review collected by and hosted on G2.com.

Managing multiple vulnerabilities across multiple sites has become really effortless, as the AI and risk-based analysis gives us a list of top vulnerabilities to focus on to protect our business. Review collected by and hosted on G2.com.

When talking about bad, there is nothing specific to the point. Does the job a DAST scanner should do? Review collected by and hosted on G2.com.

We have been using the Indusface WAS regularly for about three years. We have found that it to have consistent and reliable detection over time which is verified from time to time by third party penetration testing.

Other positives are the ease of use of the platform. The online portal interface is easy to use and intuitive.

And lastly excellent customer support. When an issue / request is raised one can be assured that it will be considered and actioned where possible. Review collected by and hosted on G2.com.

The only thing that I would wish was different is that there is no reduced/special pricing for staging/development environment scans. Currently we have to make do with the free version for testing before deployment to the development environment and it is quite limited in it's functionality, as well as the number and type of scans allowed. It would be great to have one's development environment included when buying a license for the production environment or to have access to a second license at a reduced cost to detect and remediate vulnerabilities before moving a solution to the development environment. Review collected by and hosted on G2.com.

The automated scanner of Indusface WAS API covers OWASP API top 10 vulnerabilities and the manual pen testing helps to cover the vulnerabilities in applicaiton level including business.

You can utilize the auto scan throught the year to regularaly scan your application through their portal either schedule it or manually running it. Review collected by and hosted on G2.com.

Couldn't find anything I can put here as the goals were fulfilled with all expectations. Review collected by and hosted on G2.com.

The scanner helps in performing deep-dive security scans for our sites and provides us with comprehensive reports of vulnerabilities. Review collected by and hosted on G2.com.

I haven't thought of anything yet; nothing specific to highlight as of now. Review collected by and hosted on G2.com.

The Indusface WAS plugins are regularly updated for identifying new types and categories of vulnerabilities which makes the product really reliable for use.

Easy follow-ups and quick replies helped in closing the VAPT very quickly Review collected by and hosted on G2.com.

Haven't thought about that as the main activity is security scanning which is fine. Review collected by and hosted on G2.com.

We are 100% satisfied with Indusface WAS. It provides a clear view of critical, high, and medium open vulnerabilities.

We run scans for our specific complex workflows, and the scanner runs properly without any issues of false positives.

They've recently added an Asset Discovery feature, which is the cherry on the cake. It makes maintaining an inventory of public-facing web assets easy. Review collected by and hosted on G2.com.

The time-out time post inactivity in the portal can be longer. Review collected by and hosted on G2.com.

They have recently introduced a new feature that provides a detailed risk analysis of our business that includes multiple factors like the criticality of our assets, their association and the complexity of the vulnerabilities that can probe into our systems.

That is very helpful for us to know our risk posture Review collected by and hosted on G2.com.

Literally, nothing as keeping safe from the top threats to our business is necessary for us. Review collected by and hosted on G2.com.