Executing Web Scanner on Splunk WebUI

Path Finder

One of my ISSO's asked that I scan an implementation of the Splunk WebUI using Burp Suite Enterprise (similar to a Nessus Web App scan or WebInspect scan). 

  • What issues should I be on the look out from doing this? 
    • Mitigations?
  • Any known settings / best practices for this?
  • In terms of user agreements, are there any known clauses that might limit/prevent this?


Thank you

Labels (2)
0 Karma
Did you miss .conf21 Virtual?

Good news! The event's keynotes and many of its breakout sessions are now available online, and still totally FREE!