Does Probely scan OWASP Top 10?
Probely can run an OWASP Top 10 scan and produce the matching compliance report.
Written by Nuno Loureiro
Updated over a week ago

Probely is able to scan for the 2017 OWASP Top 10, searching for a wide range of vulnerabilities that belong to the different OWASP Top 10 categories.

All scan profiles, except for the Security Posture, check for the Top 10 vulnerabilities. 

You can get an OWASP Top 10 Compliance Report after the scan, which includes a table indicating which areas of the Top 10 were Tested and which ones Passed or not. 

Currently, Probely is not able to test for A10, Insufficient Logging & Monitoring.
Testing for A10 would require the scanner to have access to your system logs to check whether requests to your server are being logged (and with adequate content). It would also require access to any monitoring tool you have, to check whether alarms are raised when an attack is performed.
A scanner cannot check for these unless it has administrative/root access to your systems. If you find a scanner that claims to verify A10, you should ask them what they do to verify it, and then you can judge for yourself.
