Security Basics mailing list archives

Re: Web Application Scanners

From: Bit Rider <bitrdr () yahoo com>
Date: Fri, 14 Jan 2005 12:21:53 -0800 (PST)

Web Inspect and AppScan are comparable products as far
as application vulnerability scanning goes. However,
both of these seemed to have high number of false
positives, from what I'm told. But I have also heard
about something called Hailstorm from a company calld
Cenzic. They seem to take a different approach by
automating the pen testing process with minimal false
positives. (There was a previous thing called
Hailstorm from Cenzic that was a net attack engine,
but the new one is focused on the app layer.)

<!--br>


--- Leon Rosenstein <leonr () traiana com> wrote:



Hi,

Currently looking over Webinspect & Sanctum.  What
are
some of peoples thoughts / experiences on Webinspect
vs AppScan?  Any other big players in the space
people
can suggest?  

Thanks,

Leon




                
__________________________________ 
Do you Yahoo!? 
Yahoo! Mail - now with 250MB free storage. Learn more.
http://info.mail.yahoo.com/mail_250

Current thread:

Web Application Scanners Leon Rosenstein (Jan 12)
- <Possible follow-ups>
- Re: Web Application Scanners Bit Rider (Jan 14)
  - Re: Web Application Scanners kaps lock (Jan 17)
  - Vulnerabilty Assessment & Whisker Doubts kaps lock (Jan 17)
    - Re: Vulnerabilty Assessment & Whisker Doubts Hamid . K (Jan 19)
- Re: Web Application Scanners Tom Stracener (Jan 18)