Scanning Your Private Sites with the Bifrost Tunnel
By- October 14, 2014
Today we're excited to introduce our newest enterprise feature: tunneled scans. Private tunnels are a secure, encrypted connection between your private web application and Tinfoil's scanners. We've simplified the popular open-source tool Ngrok to make it as easy as possible to scan your sites with Tinfoil, without having to host and manage an extensive on-premise solution. With the Bifrost Tunnel you can perform security scans on:
- Sites inside your private network
- Development machines as you're coding a new feature
- Continous integration systems as an acceptance test
- And more! Let us know what you're using it for.
Get started by installing and activating a simple client application, available on all major platforms. Currently the Bifrost Tunnel is running in a closed beta for our enterprise customers. Interested in trying it out?
By- June 11, 2012
Summer's coming up and things are also heating up at Tinfoil! We wanted to quickly give an update of some of the bigger things we've been hard at work on.
Request Rate: We now allow you to specify the target request rate we'll hit your website at during a scan. Before we were defaulting to a max of 40 requests per second, but some of you wanted us to be a bit more gentle when starting off the scan. Just like before, we still slow down the rate if your website looks to be under strain but now you choose where we max out at. You can even update it mid-scan if your engineers are yelling at you :) And if you think you can handle it, Thor is ready to take things up a notch and make your scans even faster!
Efficient Scans: To help make scans even shorter we've been hard at work making the scanning infrastructure super smooth and efficient. Our scanner is an intelligent beast, learning about your website as it goes to find all of the various vulnerabilities. It now also learns about the various templates for your webpages and once positive it's safe will skip new copies of the template. We've seen this speed up the scan by up to 80% for highly repetitive websites!
Dismissing Issues: Once your scan is done you can view and interact with your report to learn about what we found and exactly how to fix it. Some of the issues we bring up are merely best practices rather than explicit security vulnerabilities. We now allow you to dismiss them if you'd rather not be bothered again!
New Office: We're moving! The new Temple of Tinfoil is located at 828 Bryant St, Palo Alto CA 94301. Feel free to stop by sometime to say hello or BBQ with us! We've had a great time at Dogpatch Labs Palo Alto (run by the awesome folks at Polaris Ventures) but now it's time to move and grow into our own space. By the way, we're still hiring.