Venari, powered by Assert Security, is a fully-automated, cross-platform security analyzer that finds vulnerabilities in web applications and APIs. Venari works with modern web frameworks and integrates with the headless Chromium engine to achieve unmatched site discovery and coverage.

Product Editions

Ultimate Edition

Venari Ultimate is the desktop version for single users. This edition features a full UI and the ability scan applications from a local desktop installation. API testing, reports, re-test of individual findings and bulk re-test of all findings are all supported. Learn More

DevOps Edition

Venari DevOps Edition enables scaled scanning to allow multiple scans to run in parallel and/or for elastic scans to share the load of a single application scan across multiple worker nodes. DevOps Edition features role-based access control and full orchestration of headless scanning. Learn More

Professional Edition

Venari Professional Edition connects to scan cluster to start, schedule and provision jobs. This version enables onboarding of applications and scan job templates and re-test for false positive review and remediation. Users can also run discovery scans from the Professional Edition. Learn More

How it Works

Venari provides tools for all security roles. Organizations can scale AppSec automation from single-user to cross-platform, elastic deployments using containers, VMs or bare-metal hardware.

Specifications

Automation

  • Enables continuous AppSec assurance with REST API-based scanners that snap easily into CI/CD pipelines. Point and shoot scans discover and map the application.
  • Rule-based inspection and fuzzing engines automatically detect vulnerabilities and provide detailed evidence for fixing security issues quickly.

Cross Platform

  • Runs on Windows, Linux and MacOS.
  • Core platform is DotNet Core 5.1 so DevOps edition server components can run in VMs, PCs, or containers such as Redhat Enterprise Linux.

Shift Left

  • Scale headless security testing with concurrent, elastic scan clusters.
  • Worker nodes run in parallel to scan multiple applications at the same time and/or collaborate on scans of large applications.

Elastic Scanning

  • Easy-to-use triage and re-test features enable quick turn-arounds on verifying security issues and fixes.
  • Enables seamless integration between automatic, headless scans, and the associated manual activities.

Browser Driven

  • Click stream inspection allows Venari to analyze XHR traffic, WebSocket messages and the detailed DOM state as it changes.
  • The approach is quantum leaps beyond typical HTTP analysis. Powering discovery, attack vector probing & automatic login.

Modern Frameworks

  • The scan engine uses a pool of headless Chromium browsers to automate HTML interactions and track DOM state changes.
  • Chromium provides up to the minute support for web standards, coding trends, single page applications architectures, popular frameworks, libraries & JavaScript version changes.

Auto-Login

  • Venari features a truly revolutionary technology called Auto-Login that can usually login from only simple credentials as a starting point.

API Testing

  • Venari API onboarding supports popular tool formats and specifications like Postman collections and Open API specs.

Integrations

  • Venari has a universal traffic format that allows import from many common sources such as Burp, HAR, Fiddler, Open API, Postman and Selenium.

Partner with Acquired Data Solutions