<?xml version="1.0" encoding="UTF-8"?>
<rss xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:taxo="http://purl.org/rss/1.0/modules/taxonomy/" version="2.0">
  <channel>
    <title>topic Re: Executing Web Scanner on Splunk WebUI in Security</title>
    <link>https://community.splunk.com/t5/Security/Executing-Web-Scanner-on-Splunk-WebUI-What-issues-should-I-be-on/m-p/607568#M16248</link>
    <description>&lt;P&gt;I don't have a whole lot of information about this, just wanted to comment that personally I've had an issue with&amp;nbsp;Burp Suite crashing Splunk.&lt;/P&gt;&lt;P&gt;We have had to ask them to turn back the&amp;nbsp;Burp Suite threads to half.&amp;nbsp;&lt;/P&gt;</description>
    <pubDate>Fri, 29 Jul 2022 16:30:30 GMT</pubDate>
    <dc:creator>_joe</dc:creator>
    <dc:date>2022-07-29T16:30:30Z</dc:date>
    <item>
      <title>Executing Web Scanner on Splunk WebUI- What issues should I be on the lookout for?</title>
      <link>https://community.splunk.com/t5/Security/Executing-Web-Scanner-on-Splunk-WebUI-What-issues-should-I-be-on/m-p/567675#M15612</link>
      <description>&lt;P&gt;One of my ISSO's asked that I scan an implementation of the Splunk WebUI using Burp Suite Enterprise (similar to a Nessus Web App scan or WebInspect scan).&amp;nbsp;&lt;/P&gt;
&lt;UL&gt;
&lt;LI&gt;What issues should I be on the look out from doing this?&amp;nbsp;
&lt;UL&gt;
&lt;LI&gt;Mitigations?&lt;/LI&gt;
&lt;/UL&gt;
&lt;/LI&gt;
&lt;LI&gt;Any known settings / best practices for this?&lt;/LI&gt;
&lt;LI&gt;In terms of user agreements, are there any known clauses that might limit/prevent this?&lt;/LI&gt;
&lt;/UL&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;Thank you&lt;/P&gt;</description>
      <pubDate>Fri, 29 Jul 2022 17:09:45 GMT</pubDate>
      <guid>https://community.splunk.com/t5/Security/Executing-Web-Scanner-on-Splunk-WebUI-What-issues-should-I-be-on/m-p/567675#M15612</guid>
      <dc:creator>chaday00</dc:creator>
      <dc:date>2022-07-29T17:09:45Z</dc:date>
    </item>
    <item>
      <title>Re: Executing Web Scanner on Splunk WebUI</title>
      <link>https://community.splunk.com/t5/Security/Executing-Web-Scanner-on-Splunk-WebUI-What-issues-should-I-be-on/m-p/607568#M16248</link>
      <description>&lt;P&gt;I don't have a whole lot of information about this, just wanted to comment that personally I've had an issue with&amp;nbsp;Burp Suite crashing Splunk.&lt;/P&gt;&lt;P&gt;We have had to ask them to turn back the&amp;nbsp;Burp Suite threads to half.&amp;nbsp;&lt;/P&gt;</description>
      <pubDate>Fri, 29 Jul 2022 16:30:30 GMT</pubDate>
      <guid>https://community.splunk.com/t5/Security/Executing-Web-Scanner-on-Splunk-WebUI-What-issues-should-I-be-on/m-p/607568#M16248</guid>
      <dc:creator>_joe</dc:creator>
      <dc:date>2022-07-29T16:30:30Z</dc:date>
    </item>
    <item>
      <title>Re: Executing Web Scanner on Splunk WebUI- What issues should I be on the lookout for?</title>
      <link>https://community.splunk.com/t5/Security/Executing-Web-Scanner-on-Splunk-WebUI-What-issues-should-I-be-on/m-p/607573#M16249</link>
      <description>&lt;P&gt;Well, automatic scanners can produce lots of false positives. Especially if operated by inexperienced crew and/or not screened manually afterwards.&lt;/P&gt;&lt;P&gt;There was a thread lately about a scanner finding "SQL injection" among other things in Splunk.&lt;/P&gt;</description>
      <pubDate>Fri, 29 Jul 2022 17:42:40 GMT</pubDate>
      <guid>https://community.splunk.com/t5/Security/Executing-Web-Scanner-on-Splunk-WebUI-What-issues-should-I-be-on/m-p/607573#M16249</guid>
      <dc:creator>PickleRick</dc:creator>
      <dc:date>2022-07-29T17:42:40Z</dc:date>
    </item>
  </channel>
</rss>

