Re: Mike Bailey's Flash presentation is good.

[Florian Weimer <fw () deneb enyo de>]

> People in the web application security space are often more into
> "scanners" than people finding memory corruption bugs. I'm not sure what
> the root cause is there - perhaps the set of bug classes that are
> useful in web applications includes an abnormally large number of
> automatable possibilities?

Bugs in web application frameworks are typically not fixed in the
frameworks, but are classified as application bugs instead.  Each
application has to work around them.  That creates enough commonality
that makes scanners not entirely useless.
_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave