PT BlackBox

Web applications are a popular destination for attackers. Almost all web applications have vulnerabilities that allow cybercriminals to attack users. Such attacks can result in the spread of malware, redirection of users to malicious sites, or data theft through social engineering. Hackers can steal critical data from 91% of web applications and can gain access to 84% of web applications. According to the Threats and vulnerabilities in web applications 2020–2021 study by Positive Technologies

98%
of applications contain vulnerabilities
91%
of applications allow hackers to steal sensitive data
84%
of applications let hackers gain access to a web resource

Positive Technologies experts found that a typical corporate application might have over 20 vulnerabilities, and one fifth of them is posing severe threats. If attackers manage to abuse these vulnerabilities, a company may face serious financial and reputational risks, such as theft of critical data, loss of customer trust, or a complete shutdown of business processes.

PT BlackBox allows you to analyze applications' security and identify and eliminate vulnerabilities at the earliest stages of software development. To detect vulnerabilities, PT BlackBox simulates the behavior of an attacker who has no knowledge of the application's inner workings. PT BlackBox assesses the security of your web application without any initial data other than the target address. Such a dynamic analysis enables you to timely identify vulnerabilities and mitigate security threats that can pause risks at your company's operations.

Advantages of PT BlackBox

Reduces costs
PT BlackBox recognizes and skips duplicate pages.
Detects hidden web pages
Thanks to a combination of signature and heuristic analysis, PT BlackBox identifies the test and administrative pages.
Easily integrates into a software life cycle
Enables to effectively detect and remediate vulnerabilities at early stages of software development.
Can be carefully tailored to the customer's needs
The scanning parameters are fully customizable.

Three Easy Steps to Make Your Applications More Secure

PT BlackBox is easy to use, and it increases the security of your web app in three simple steps.


1. Start scanning

and go about your day as usual. The scanner will authorize itself in your app, analyze it, perform an attack, and collect data.

2. All you have to do is analyze

the PT BlackBox report.

3. Fix the found errors

Update the versions of the applications and components in use, update configurations, and adjust the software delivery process accordingly. Perform another scan.

Product Delivery Options

Positive Technologies recommends that all website owners scan their resources with the help of the free PT BlackBox Scanner online version. It will instantly find vulnerabilities in your web resources and generate a report with recommendations on fixing them. With a quick scan, you can find bugs and application environment issues, version-related vulnerabilities, and application installation errors.

Moreover, Positive Technologies customers can choose a fully autonomous and customizable on-premise solution with advanced functionality. It can be deployed on customer infrastructure, which allows you to detect a wide range of vulnerabilities, such as SQL injection, XSS, and RCE.

Capabilities Online solution On-premise solution
Instant scanning + +
User authorization + +
Regular vulnerability database updates + +
Description of vulnerabilities and recommendations on how to fix them + +
CI/CD-based scanning (continuous integration and continuous delivery) + +
Full scanning Upon request +
Flexible scanning configuration - +
Parallel scanning of web applications - +
API scanning - +
Authorization on the target (to scan closed sections of a web application) - +
Downloadable report with scan results - +
User and role administration - +
Access Free access at: bbs.ptsecurity.com Upon request