• Trustwave

    App Scanner Enterprise

  • The more applications you have, the more attack surfaces you have to manage. Trustwave can help.

    With our highly accurate enterprise application scanner software, you can affordably and automatically scan many web applications – with central visibility – while fully leveraging the talents of your distributed team.


  • Protect all of your web applications with comprehensive vulnerability testing from Trustwave App Scanner Enterprise software.

  • App Scanner Enterprise lets you test as many applications as you would like for one fixed fee.

    Patented, behavior-based scanning technology (Cenzic Hailstorm engine) provides the most accurate vulnerability detection results for fast, efficient remediation.

    A modular, multi-layered architecture offers nearly unlimited scalability.

  • Role-based privileges and a powerful browser plug-in let your whole team drive application scans from anywhere, at any time.

    A centralized dashboard instantly displays application risk scores and tracks trends over time. Unique risk metrics help prioritize threats, coordinate team members and optimize security.


  • On-premise software

    Scalable, modular, distributed architecture

    Accurate, behavior-based detection


    Centralized dashboard and trend tracking

    Role-based privileges

    Browser plug-in for app traversal training from anywhere

    Proven Security

    Highest detection rates

    Granular risk scoring to prioritize vulnerabilities

    Best-practice remediation advice

How It Works

  • Trustwave App Scanner Enterprise automates the process of discovering security vulnerabilities in web applications and services across the enterprise. Its patented Hailstorm scanning engine contains an emulated browser to observe actual application behavior for extremely high detection with low false positives. Trustwave App Scanner Enterprise can detect more than 128 categories of vulnerabilities in web applications, web services and cloud applications.

    To better meet the needs of distributed organizations, App Scanner Enterprise software has a modular architecture and powerful centralized management capabilities.

    App Scanner Enterprise includes four major parts: the Application Risk Controller (ARC) server, the Hailstorm Attack Execution Engine (AEE), a database, and a browser plug-in. ARC controls and coordinates all operations. The database centrally and securely stores test results. App Scanner’s browser plug-in allows any employee anywhere to set up thorough scans that reach every page of an application.

    The Attack Execution Engines use a library of “SmartAttacks,” which are automatically updated weekly. AEEs can be located inside a firewall to scan internal apps, in a DMZ to scan external apps and in multiple domains or geographies. Having multiple AEEs deployed enhances flexibility, scalability and performance for large organizations.

    To maximize the contributions of distributed team members without creating unnecessary internal risk, App Scanner Enterprise allows administrators to create very granular role-based permissions. Administrators define who can view vulnerability findings for which applications. This allows restricting vulnerability information on a need-to-know basis to only those with responsibility for a particular app. App Scanner Enterprise allows easy integration with WAF and SIEM. App Scanner Enterprise supports hybrid operation with App Scanner Managed, for one central repository and view of findings.

    Executives view aggregate risk scores for all applications and trend charts of overall risk posture. More than 26 reports are available, including many for specific compliance regimes. Executives can see trends to demonstrate team progress on overall security posture.

  • App Scanner Enterprise Dashboard

    26 types of vulnerability reports cover a range of compliance regimes, including PCI, with summary findings and detailed best-practice remediation advice.

