The Fortra Security Seal

Gain confidence with your clients by displaying a Fortra security seal to confirm the highest security standards are maintained on your site. The security seal is easy to deploy, available for design customization, and directly links with Fortra VM to confirm current security status.

  • Visitors to your site see confirmation of testing by a trusted third party

  • Reduce faith losses and see increased conversion rates

Enable Security Seal

In your WAS account, use the side menu to navigate to System > Account Profile. Under the Security Seals section toggle "Allow Security Seals" to ON.


Creating a Security Seal

Manage Security Seal by selecting the Security Seals option under System in the menu. Use the + New Security Seal button to create a Security Seal.

Required fields: 

  • Name

  • Scan Type: Active View or Recurring scan

  • Web App

  • Rating Scheme

IMPORTANT: Security Seals have a one-to-one releationship with Web Apps. Only one Web Application can be associated with a seal configuration.

Active View Scan type

Selecting an Active View scan type will validate the seal based on the Active View web app data. Seal validation will only occur if the web app scan has completed and "Add to Active View" is enabled within the scan template.

Recurring Scan Type

The selection of a Scan source is required for Recurring scan type seals.

Rating Scheme

The selected Rating Scheme will determine the results for the Security Seal status based on the Web App's vulnerability severity. Security Seal status will be displayed as either Passing or Failing.

Definitions for Failing security seal status:

Rating Scheme Selected Web App Severity Value Seal Status
PCI Fail Failing
DDI / FVM Medium, High, Critical

Failing

NVD Medium, High Failing

Security Seal Details

Once a security seal has been created, WAS begin the process of validating the security seal using historical scan data for the associated Web Application. If you historical scan data is not found, the seal is put in a pending state until a scan has completed.

General Information for the Web App Seal includes a generated code snippet. The Code snippet can be copied and applied to a third party website to display the Security Seal badge. The right panel displays a preview of the seal badge and the last scan results that determine the current status of the seal.