WebApp Sec mailing list archives
Re: Spi's products worth a try? Or any suggestions for developers' tool?
From: bugtraq () cgisecurity net
Date: Mon, 7 Nov 2005 18:25:30 -0500 (EST)
Hailstorm does it differently, using what you might think of as active payloads. It monitors what each injected payload does and then monitors browser memory (it uses a baked-in version of Mozilla) to trap when code or events execute in the application space as a result of its actions. This is a world of difference between other black-box tools. Hailstorm also uses fairly advanced AI when it comes to analyzing server behavior: heuristics, causal and behavior triggers, a significant number of configuration options for advanced tuning. I like it because it gives me better, more accurate, more actionable, results. Period. I am certain it would benefit your team.
What a great sales pitch "App Master" or is it "Appman Zero"? - z http://www.cgisecurity.com/
Current thread:
- Re: Spi's products worth a try? Or any suggestions for developers' tool? App Master (Nov 07)
- Re: Spi's products worth a try? Or any suggestions for developers' tool? bugtraq (Nov 08)
- <Possible follow-ups>
- RE: Spi's products worth a try? Or any suggestions for developers' tool? Peine,Holger (Nov 08)
- RE: Spi's products worth a try? Or any suggestions for developers' tool? Ory Segal (Nov 08)