Available in Classic and VPC
Web service diagnosis can be performed easily and conveniently in Naver Cloud Platform’s Web Security Checker. You can see how to do so in Start Web Security Checker and Use Web Security Checker, but we recommend taking a look at the usage scenario of Web Security Checker first. Reading the guide after learning the usage scenario will allow you to use Web Security Checker more smoothly. The overall sequence of using Web Security Checker and the description of each sequence are as follows.
1. Set usage permissions
2. Run diagnosis
3. Check diagnostic results
4. Re-diagnosis after strengthening vulnerabilities
1. Set usage permissions
Set the permissions to use Web Security Checker. The permissions to use Web Security Checker are defined by mapping ‘role’ to ‘sub accounts’ issued by Naver Cloud Platform’s Sub Account. Thus, you need to first create sub accounts other than your main account through Sub Account.
Sub Account is a service provided free of charge upon subscription request. For an introduction on Sub Account and details about its pricing plans, refer to the Services > Management & Governance > Sub Account menu in the NAVER Cloud Platform portal.
You can use sub accounts provided by Sub Account to configure admin permissions and user permissions of Web Security Checker. You can refer to the following guide(s):
2. Run diagnosis
Run vulnerability diagnosis in web services. Diagnosis is available by using the NAVER Cloud Platform console or API. You can refer to the following guide(s):
- When using the console: Use Web Security Checker
- When using the API: Web Security Checker API Guide
3. Check diagnostic results
Once the diagnosis is done, the diagnostic report is created. You can check the vulnerable weaknesses that require supplementation and find solutions in detail via the diagnostic report. You can refer to the following guide(s):
- When using the console: Check diagnostic reports
- When using the API: Web Security Checker API Guide
4. Re-diagnosis after strengthening vulnerabilities
Strengthen detected vulnerabilities according to diagnostic results and then re-diagnose and check whether measures have been taken for vulnerabilities. If the same target is re-diagnosed within 60 days after the initial inspection, two additional diagnoses are offered for free.
- When using the console: Run re-diagnosis
- When using the API: Web Security Checker API Guide