cWatch Web Security - Domain Administrator Guide

OWASP Top 10 Vulnerability Scans

 

      • Select a website from the drop-down at top-left and choose 'Scan' > 'Vulnerability Scan'
      • cWatch scans your sites for the top-ten vulnerabilities published by the Open Web Application Security Project (OWASP)
      • The results identify any weaknesses on your site and provide guidance to fix them

      You can run OWASP scans on-demand, and/or schedule weekly scans. You can also view the results of the last ten scans.

      • Open the cWatch dashboard
      • Select the target website from the menu at top-left
      • Click the 'Scan' tab then 'Vulnerability Scan'

      The 'OWASP Top 10' pane contains the results of the last scan and lets you run or schedule a new scan.




      The last scan area on the right shows the results of the most recent scan.

      • Scan Date - When the last OWASP vulnerability scan was run.
      • Score - The number of OWASP top-10 categories passed by your site.
      • High, Medium, Low and Information - Number of vulnerabilities found at each risk level.
      • Click the 'Refresh' icon at top-right to re-load results if you have just completed a more-recent scan.

      The pane lets you:

      • Run an on-demand scan
      • Configure Scheduled Scans
      • View detailed results of the last scan
      • View the results of previous scans

      Start an on-demand scan


      You can manually start a vulnerability scan at any time:

      • Select the target website from the menu at top-left
      • Click the 'Scan' tab then 'Vulnerability Scan'
      • Click 'Start Scan' in the 'OWASP Top 10 Scan' pane:




      • cWatch will begin scanning the domain for OWASP top 10 vulnerabilities.
      • Scan results are shown in the 'Last Scan' box on the right
      • Click the 'Refresh' icon at top-right to reload the results of the scan
      • Alerts will be generated if any vulnerabilities are found.
      • Click 'View Full Report' for a comprehensive overview of discovered vulnerabilities.
      • See 'View detailed results of the last scan' for more details.


      Schedule a scan


      You can enable automatic, weekly OWASP scans on any of your websites:

      • Select the target website from the menu at top-left
      • Click the 'Scan' tab then 'Vulnerability Scan'
      • Use the switch in the OWASP pane to enable the weekly scan




      • Weekly scans will start the next day and will run at the same day/time every week after that
      • For example, if you enable the weekly scan at 6:00 PM on Friday, the scans will run every Saturday at 6:00 PM.


      View detailed results of the last scan

      • Select the target website from the menu at top-left
      • Click the 'Scan' tab then 'Vulnerability Scan'
      • Click 'View Full Report' under 'Last Scan' in the 'OWASP Top 10' Scan pane

      The results page shows the number of threats in each OWASP attack category.




      OWASP Top 10 Vulnerabilities - Column Descriptions

      • Rank - Severity, or criticality, of the attack category.
      • Vulnerabilities - Number of threats in this category that were found on your site.
        • Click the number to view the complete details of the threat, the list of files affected and guidance to fix the issue
        • See 'View Details of Identified Vulnerabilities' for more details
      • Description - A short explanation of the vulnerability.


      View Details of Identified Vulnerabilities


      The 'OWASP Scan Results' page contains detailed information about each vulnerability, and has guidance to help you fix them.


      Tip: You can also submit a request for Comodo specialists to manually remove the threats. Manual removal is only available for domains with a premium license.


      View detailed vulnerability information

      • Select the target website from the menu at top-left
      • Click the 'Scan' tab then 'Vulnerability Scan'
      • Click 'View Full Report' under 'Last Scan' in the 'OWASP Top 10' Scan pane

      The number of vulnerabilities identified in each of the top ten OWASP vulnerability categories is shown as a list.

      • Click the number in a category in which vulnerabilities were found




      The details dialog shows a list of specific threat types found within that category.

      • Click a threat type to view affected files. The results also show guidance to remediate the threat:



       

      • The 'Vulnerabilities' pane shows a list of affected files with their risk level
      • The 'Fix Guidance' pane summarizes the fix recommendations
      • The 'Long Description' pane contains detailed background information on the threat


      View the results of previous scans


      You can view the results of the 10 most recent OWASP top 10 vulnerability scans on your site. 

      • Select the target website from the menu at top-left
      • Click the 'Scan' tab then 'Vulnerability Scan'
      • Click 'View Scan History' in the 'OWASP Top 10 Scan' pane




      The dates of the previous scans are shown at the top of the history window.

      • Select a date to view detailed results from the scan run on that day

      See 'View detailed results of the last scan' if you need more help with this.



      © Comodo Group, Inc. 2023. All rights reserved.