The Fortra Security Seal

Gain confidence with your clients by displaying a Fortra Security Seal to confirm the highest security standards are maintained on your site. The Security Seal is easy to deploy, available for design customization, and directly links with Fortra VM to confirm current security status. The benefits of a Security Seal are:

Visitors to your site see confirmation of testing by a trusted third party
Reduce faith losses and see increased conversion rates

Enable Security Seal

In your WAS account, use the side menu to navigate to Account > Profile. Under the Security Seals section toggle Allow Security Seals to ON.

Creating a Security Seal

From the WAS interface, manage a Security Seal by selecting Scan Settings > Security Seals. Select + New Security Seal to create a Security Seal.

Required Security Seal fields

Name
Scan Type: Active View or Recurring scan
Web App
Rating Scheme

IMPORTANT: Security Seals have a one-to-one relationship with Web Apps. You can associate only one Web Application with a seal configuration.

Active View Scan type

Selecting an Active View scan type will validate the seal based on the Active View web app data. Seal validation will only occur if the web app scan has been completed and Add to Active View is enabled within the scan template.

Recurring Scan Type

You must select a Scan source for Recurring scan type seals.

Rating Scheme

The selected Rating Scheme will determine the results for the Security Seal status based on the web app's vulnerability severity. Security Seal status will be displayed as either Passing or Failing.

Definitions for Failing security seal status

Rating Scheme Selected	Web App Severity Value	Seal Status
PCI	Fail	Failing
DDI / FVM	Medium, High, Critical	Failing
NVD	Medium, High	Failing

Security Seal Details

One you create a Security Seal, WAS will begin the process of validating the seal using historical scan data for the associated Web Application. If your historical scan data is not found, the seal is put into a pending state until a scan has completed.

General Information for the Web App Seal includes a generated code snippet. You can copy the Code snippet and apply it to a third party website to display the Security Seal badge. The right panel displays a preview of the seal badge and the last scan results that determined the current status of the seal.

Copyright © Fortra, LLC and its group of companies.
All trademarks and registered trademarks are the property of their respective owners.
202410020114 | October 2024