Table of Contents

SwyftComply

Rama Sadhu Updated by Rama Sadhu

With the SwyftComply feature, AppTrana customers can receive a clean, zero-vulnerability report within 72 hours.

Step 1: Auto Scan & Pentest

To get started with SwyftComply, go to the Detect tab. Once you've done at least one scan for your application, you can request SwyftComply. This scan can be AUTO SCAN or manually started.

Key Considerations for MANUAL PENTEST
  • Submit an existing pen testing report if available.
  • Obtain a manual pen testing report from our certified security experts if needed.
  • Proceed without a Pen-Testing report if unnecessary.
  • If pen testing is required, generate a SwyftComply request only after receiving PT report.
The 72-hour SLA on a clean report is only after identifying all vulnerabilities. So, if you opt for a Pen Test from Indusface, you’ll need the complete Pen Test report before the SLA applies
Step 2: Vulnerability Report

Once scanning and pen-testing are complete, access a detailed report of vulnerabilities in the Vulnerabilities tab of the Scan Summary section.

Category

Description

URL

The specific web address or endpoint where the vulnerability was found within your application.

Category

Classifies the type of vulnerability, such as injection flaws, authentication issues, or sensitive data exposure.

Severity

 

Indicates the level of risk associated with the vulnerability, ranging from low to critical.

Detected by

 

Identifies the tool or method used to detect the vulnerability, whether an automated scanner or manual testing.

View Details

 

Provides access to additional information about the vulnerability, including technical details and mitigation recommendations.

POC Status

 

Specifies whether a proof of concept (POC) demonstrating the vulnerability's exploitability is available, pending, or not provided.

 

Step 3: Autonomous Protection

Click "Initiate SwyftComply" to start the instant protection. 

Access the AppTrana – SwyftComply screen, then click "Start SwyftComply”.

At any point, you can see the protection status on the Protection tab of the Scan Summary section.

Category

Description

URL

The specific web address or endpoint where the vulnerability was found within your application.

Category

Classifies the type of vulnerability, such as injection flaws, authentication issues, or sensitive data exposure.

Severity

 

Indicates the level of risk associated with the vulnerability, ranging from low to critical.

Protection Type

Describes the specific category of rules implemented – Advanced, Premium, or Custom Rules

Protection Status

Shows current protection status – Protected/Unprotected

Custom Rule Status

Specifies the progress or status of requested custom security rules

Step 4: Re-validation

After patching, an automatic revalidation at the WAAP level ensures that the patches provide accurate protection.

Within 72 hours, the Protection tab displays the vulnerabilities' status and protection type.  

Step 5 - Clean Zero Vulnerability Report

Click "View SwyftComply Report" to access the zero-vulnerability report.

 The report offers detailed insights into each vulnerability addressed during the SwyftComply process, ensuring complete coverage of your application's security status.

Click the "Download as PDF" option to retrieve the zero-vulnerability report in PDF format.

Vulnerabilities that cannot be protected via WAAP will require fixing in the code.

If new vulnerabilities are identified later, you can “Initiate SwyftComply” again.

How did we do?

Self Service Rules

WAF Automated Bypass and Unbypass

Contact

This site is protected by hCaptcha and its Privacy Policy and Terms of Service apply.