RE: Spi's products worth a try? Or any suggestions for developers' tool?

["Phil Pavay" <philp () cenzic com>]

Folks,

I am a participant in this email list and very much appreciate the
technical content and learned opinions and research discussed within
these topics. 

I am also under the impression (and would like the moderator to clarify)
that this is not a marketing and sales tool for the vendors. 

Phil Pavay - Cenzic


-----Original Message-----
From: Ory Segal [mailto:osegal () watchfire com] 
Sent: Saturday, November 05, 2005 2:00 AM
To: Aman Raheja; webappsec () securityfocus com
Subject: RE: Spi's products worth a try? Or any suggestions for
developers' tool? 

Hi,

You may want to download and evaluate Watchfire's AppScan, it also has a
version specifically for developers,

You can find more information at:
http://www.watchfire.com/products/security/default.aspx

Among other features of the product, you will also find elaborate fix
recommendations, which include secure coding samples both in ASP.NET (C#
and VB.NET) as well as Java (J2EE).

-Ory Segal
Watchfire.

-----Original Message-----
From: Aman Raheja [mailto:araheja () techquotes com] 
Sent: Friday, November 04, 2005 7:40 PM
To: webappsec () securityfocus com
Subject: Spi's products worth a try? Or any suggestions for developers'
tool? 

Hello
Anyone has any experiance with Spi's tools for web application
vulnerability scanning?
http://www.spidynamics.com/products/index.html
I need to suggest developers' tool so that they can self assess their
application and reduce the overhead of the testing team.
Any advice?
Thanks in advance.
Regards
Aman Raheja

http://www.techquotes.com