Re: Spi's products worth a try? Or any suggestions for developers' tool?

[bugtraq () cgisecurity net]

> Hailstorm does it differently, using what you might think of as active 
> payloads. It monitors what each injected payload does and then monitors 
> browser memory (it uses a baked-in version of Mozilla) to trap when code or 
> events execute in the application space as a result of its actions. This is 
> a world of difference between other black-box tools. Hailstorm also uses 
> fairly advanced AI when it comes to analyzing server behavior: heuristics, 
> causal and behavior triggers, a significant number of configuration options 
> for advanced tuning. I like it because it gives me better, more accurate, 
> more actionable, results. Period. I am certain it would benefit your team.

What a great sales pitch "App Master" or is it "Appman Zero"?

- z 
http://www.cgisecurity.com/