Glossary
This document is for:
Invicti Standard, Invicti Enterprise On-Premises, Invicti Enterprise On-Demand
This glossary provides explanations of commonly used terms related to Invicti Standard and Invicti Enterprise scanners.
A
- Account Owner - the user with all permissions in an Invicti Enterprise account.
- Addressed Issue - an issue that has been addressed and whose state has been updated.
- Agent - refer to Scanner Agent or Authentication Verifier Agent.
- Agent Mode - setting that indicates whether an agent runs as a scanner agent or as an authentication verifier agent.
- Application and Service Discovery - service that discovers an enterprise's online assets, web applications, and services so that you are aware of them.
- Authentication Profiles - a saved custom script for form authentication in Invicti Standard and Enterprise that can be reused for many different websites. When configured, the scanner uses this custom script to authenticate itself against the target website. For more information, refer to Authentication Profiles.
- Authentication Verifier Agent - agent carrying out the form authentication so that you can run an authenticated scan in your network. For more information, refer to Authentication Verifier for Internal Agents.
B
- Bi-directional Integration (2-way sync) - an integration method that lets the Invicti scanner and an issue tracking system synchronize issues in both directions. For more information, refer to Integrations.
C
- Certainty Percentage - the scanner's estimated likelihood that a reported vulnerability is actually present.
- Classification - Invicti classifies vulnerabilities according to various standards such as CWE, CVSS, PCI, and HIPAA.
- Confirmation - indication that the Invicti scanner is 100% certain that an identified issue exists. The scanner verifies vulnerabilities by exploiting them in a read-only, safe manner. For more information, refer to Proof-Based Scanning.
- Controlled Scan - a scan mode that attacks a single link using only the parameters and engines you select.
H
- Heuristic Web Vulnerability Scanner - the Invicti scanner is a heuristic scanner: it does not rely on a signature database as traditional antivirus software does, so it can identify zero-day vulnerabilities in any type of custom web application. For more information, refer to the Advantage of Heuristic over Signature Based Web Vulnerability Scanners.
I
- Incremental Scan - a scan of only the pages that were added or changed since the initial scan. It also checks whether the vulnerabilities identified previously still exist.
- Invicti Hawk - a scanner service that detects out-of-band vulnerabilities. For more information, refer to How Invicti Hawk Finds Vulnerabilities.
- Invicti Shark (IAST) - a service that adds interactive application security testing (IAST) capabilities to Invicti Standard and Enterprise. For more information, refer to Deploying Invicti Shark.
- Issue - a vulnerability identified by the scanner.
L
- Link - an HTTP request, from the Invicti scanner's point of view. This can be a web page, the submit button at the end of a form, or an AJAX request.
- Link Pool - the pool in which the scanner collects all links while crawling the web application or website. The scanner then attacks the links in the pool to identify vulnerabilities.
M
- Manual Crawling - a process used to scan parts of a web application that can’t be crawled automatically. This feature also lets you scan mobile web applications and native desktop applications. For more information, refer to Manual Crawling in Proxy Mode.
N
- Notification - a message informing you of the status of a web application security scan, or that the scan detected specific vulnerabilities. For more information, refer to Notifications.
P
- Proof-Based Scanning™ - Invicti's Proof-Based Scanning™ technology actively and automatically verifies detected vulnerabilities, confirming that they are real and not false positives, by exploiting them in a read-only and safe manner. For example, when exploiting a SQL injection vulnerability and generating a proof of exploit for it, the scanners only try to read data from the database, never to write or delete it.
- Proof of Concept - an actual exploit that proves that the vulnerability exists. For example, after exploiting a cross-site scripting (XSS) vulnerability, the scanner reports the payload that was used to inject code. Apart from providing evidence of the vulnerability, a proof of concept can also help developers isolate the exact issue that made exploitation possible.
- Proof of Exploit - a report of the data that could be extracted from the vulnerable target once the vulnerability was exploited. It demonstrates the impact an exploited vulnerability can have and proves that it is not a false positive. Invicti scanners can generate a proof of exploit when they identify the following vulnerability types:
  - SQL Injection
  - Boolean SQL Injection
  - Blind SQL Injection
  - Remote File Inclusion (RFI)
  - Command Injection
  - Blind Command Injection
  - XML External Entity (XXE) Injection
  - Remote Code Evaluation
  - Local File Inclusion (LFI)
  - Server-side Template Injection
  - Remote Code Execution
  - Injection via Local File Inclusion
R
- Report Policy - a list of reporting settings for web security scan results and reports. For more information, refer to Overview of Report Policies.
- Request Builder - a tool in Invicti scanners for working with HTTP requests. With the request builder you can, for example, craft your own HTTP requests, send requests to targets, and modify imported HTTP requests. For more information, refer to HTTP Request Builder.
- Resource Finder - a scanner feature that checks for files and folders that can pose security risks even when they are not linked from the web application, for example admin pages, login pages, or backup files.
- Retest - a scan of the previously vulnerable pages after a fix has been applied.
- Role - permissions determining what kind of responsibilities a team member has within Invicti Enterprise. For more information, refer to Managing roles in Invicti Enterprise.
S
- Scan Groups - an option for grouping scans of the same host/domain name by their scan configuration, so that you can view dashboards, issue trends, etc. for the scan group you select. For more information, refer to Scan Groups in Invicti Enterprise.
- Scanner Agent - agent conducting the actual scan job and then reporting the results back to Invicti Enterprise. For more information, refer to Installing Internal Agents.
- Scan Policy - a list of web application security scan settings. Every scan you run is attached to a Scan Policy. For more information, refer to Overview of Scan Policies.
- Scan Policy Optimizer - a built-in wizard that helps you narrow down the security checks that will be run against your web application. Thanks to the optimizer, you can tweak the scanner to run, for instance, only Apache-related security checks while ignoring IIS-related checks. For more information, refer to Scan Policy Optimizer.
- Scan Profile - saved scan settings for future scans. Scan Profiles can be reconfigured at any time. For more information, refer to Scan Profiles.
- Scan Scope - function that lets you define which parts of the target web application should be crawled. For more information, refer to Scan Scope.
- Scheduled Scans - saved settings that allow you to schedule scans in advance. You can schedule full, incremental, and group scans. For more information, refer to Scheduling Scans.
- Severity - the criticality of the identified vulnerability. For more information, refer to Vulnerability Severity Levels.
T
- Target URL - the URL of the website to be scanned, including the path.
- Technical Contact - the person who is responsible for the website or vulnerability.
- Trend Matrix - a report showing correlated, trending data about the status of those vulnerabilities identified in your web application across several scans. For more information, refer to Trend Matrix Report.
V
- Vulnerability Database - the database that Invicti scanners rely on to report known technologies, their versions, and their vulnerabilities. The database is updated periodically. For more information, refer to the Vulnerability Database.
W
- Website - a website is defined in Invicti Standard and Enterprise as a fully qualified domain name (FQDN). An FQDN is the complete domain name for a specific target and consists of two parts: the hostname and the domain name. The examples below are considered one website because they share the same FQDN:
  - http://example.com
  - https://example.com
  - http://www.example.com
  - http://www.example.com/test
  URLs that differ in subdomain or port belong to the same domain but are considered different websites. For example, the following are four different websites:
  - http://example.com
  - http://test.example.com
  - http://example.com:81
  - http://api.example.com
- Website Groups - a group of websites that eases the management of multiple websites and scans. Grouping websites is also important for the multiple team feature in Invicti Enterprise, because you can assign a team or members only to website groups. For more information, refer to Website groups in Invicti Enterprise.