- feeds
- popular
- recent
- reader
- about
- story
- technologies
- what is rss
- connect
- dmca
- contact
- Feed Preview The Automated Vulnerability Scanner for DevOps
Introducing the Ability to Scan for Vulnerabilities on Web Applications Spanning Multiple Domains
Today we are pleased to announce that we have just released a new feature that allows you to scan for vulnerabilities on web applications spanning multiple domains! Until now you could only regis...
Announcing VAddy PrivateNet: Scan for vulnerabilities on your intranet or localhost!
VAddy is a web service that not only makes it easy to scan your website for vulnerabilities, but can also be automated together with other continuous integration tools. VAddy was originally desi...
Scanning for parameters anywhere in a URL path
VAddy has been able to scan for vulnerabilities in URL path parameters for quite some time, but it has only looked for parameters at the end of URL paths. In a URL like http://example.com/foo/bar...
Scanning for vulnerabilities with VAddy and AWS CodeBuild
At last week’s AWS re:Invent 2016 conference, Amazon announced its new “fully managed build service that compiles source code, runs tests, and produces software packages that are ready to de...
CacooUp Taipei & Meet Taipei
CACOOUP TAIPEI Our friends at Nulab recently invited us to speak at CacooUp , a meetup for Cacoo users in Taiwan (of whom there are now 120,000!) that Nulab has been hosting since 2012. Ther...
Improved access to crawl data for review
It’s been a long time coming, but you can now (finally) view the crawl data used for each of your scans with VAddy! Crawl data includes the URLs that are scanned as well as the request parame...
Introducing go-vaddy
We are happy to announce that we have just released a new command-line tool for Mac, Linux, and Windows: go-vaddy. As the name implies, it is implemented in the Go programming language and uses V...
Showing HTTP status codes for server verification errors
VAddy automatically generates a verification code when you register a domain name (server) to scan. To verify your ownership of this domain name, you must place an HTML file with this code in you...
Viewing response data (with XSS highlights) when vulnerabilities are detected
VAddy has always shown you the URL of each vulnerability it detects in your web application along with the parameter names and request data that were used to detect it. But what if there is more ...
Scanning for vulnerabilities with crawl data labels via Jenkins
About a month ago, we updated VAddy’s web API to allow you to scan for vulnerabilities using custom labels added to your crawl data. As an example of how this feature might be used, you could c...
Scanning for vulnerabilities with crawl data labels via VAddy’s web API
VAddy allows you to scan for vulnerabilities using historical crawl data (i.e. URLs and parameters that you have registered in the past). Unlike other scanners that must spend a long time automat...
Scanning for vulnerabilities with historical crawl data via VAddy’s web API and Jenkins plugin
VAddy combines machine learning techniques with a set of URLs and parameters that you provide (called “crawl data”) to determine how your web application is structured and scan it for vulnera...
SCALE 14x
Hot on the heels of php2015, we recently headed to Los Angeles to attend SCALE 14x. > The Southern California Linux Expo (SCALE) is an annual Linux and > open source software con...
Scanning for vulnerabilities with historical crawl data
VAddy uses crawl data and machine learning techniques to determine the structure of your web applications and scan them for vulnerabilities. Crawl data records the URLs and parameters to be scann...
php 2015
In our continuing efforts to promote VAddy internationally, we travelled to Washington D.C. on November 16 to attend php 2015 as a sponsor. If you, too, have considered attending a conference to ...
Introducing VAddy’s new team features
In this blog post, I’d like to talk about the new team features we added when we released VAddy’s premium plans on September 7. VAddy’s Standard and Professional plans implement team feat...
Thoughts on Premium Plans and the Difficulty of Pricing Cloud-Based Services
On Monday, September 7, we finally released premium plans for VAddy . We designed these plans based on our experience running a free beta for six months—and all the feedback we received during ...
Security tests for web directors with non-engineering backgrounds
Though VAddy is unapologetically a tool for software developers, in this blog post I’d like to address a slightly different audience and explain how web directors with non-engineering backgroun...
Scanning for vulnerabilities in just 10 minutes with VAddy’s simple URL crawler (Finally!)
VAddy starts scanning for vulnerabilities after you have registered a test server and crawl data for your site. The crawl data includes URLs and parameters to scan; VAddy’s scanner learns the s...
Vulnerabilities are bugs, too—let’s test for them! An i...th the developers of VAddy, an automated security testing tool
This is an English translation of an interview that was published in Japan’s SEKAI LAB TIMES on May 13, 2015. The original URL is http://www.sekai-lab.com/times/?p=3052. VAddy is a cloud-b...