WebApp Sec mailing list archives
Re: Environment for testing WebApp Security Scanners
From: mikeiscool <michaelslists () gmail com>
Date: Wed, 9 Aug 2006 10:09:43 +1000
On 8/9/06, Dean H. Saxe <dean () fullfrontalnerdity com> wrote:
Then why haven't the tool vendors gone down that path? They are marketing to the lowest common denominator. People who want to check a box and say "I'm secure!"
Well sure they are primarily in the business of business, and secondarily in the business of trying to do a service to the world by helping companies secure their apps. But you'd know why better then me, considering your work for one.
Granted, web app scanners can be used as part of a secure SDLC, but I'd venture to guess that the vast majority of organizations don't implement them within an S-SDLC. Most probably don't ever do a follow-up with a manual pen test. -dhs
-- mic ------------------------------------------------------------------------- Sponsored by: WatchfireWatchfire was recently named the worldwide market leader in Web application security assessment tools by both Gartner and IDC. Download a free trial of AppScan today and see why more customers choose AppScan then any other solution. Try it today! https://www.watchfire.com/securearea/appscancamp.aspx?id=701500000008VnB
--------------------------------------------------------------------------
Current thread:
- Environment for testing WebApp Security Scanners René Palige (Aug 07)
- RE: Environment for testing WebApp Security Scanners Mark Curphey (Aug 08)
- Re: Environment for testing WebApp Security Scanners Roman H. (Aug 08)
- RE: Environment for testing WebApp Security Scanners Brokken, Allen P. (Aug 08)
- Re: Environment for testing WebApp Security Scanners Dean H. Saxe (Aug 08)
- Re: Environment for testing WebApp Security Scanners Gerald Quakenbush (Aug 08)
- RE: Environment for testing WebApp Security Scanners Mark Curphey (Aug 08)
- Re: Environment for testing WebApp Security Scanners mikeiscool (Aug 08)
- Re: Environment for testing WebApp Security Scanners Dean H. Saxe (Aug 08)
- Re: Environment for testing WebApp Security Scanners mikeiscool (Aug 08)
- Re: Environment for testing WebApp Security Scanners Dean H. Saxe (Aug 08)
- Re: Environment for testing WebApp Security Scanners c0redump (Aug 09)
- Re: Environment for testing WebApp Security Scanners mikeiscool (Aug 09)
- <Possible follow-ups>
- RE: Environment for testing WebApp Security Scanners Evans, Arian (Aug 23)
- Re: [WEB SECURITY] RE: Environment for testing WebApp Security Scanners Enis Karaarslan (Aug 24)
- Message not available
- Message not available
- RE: [WEB SECURITY] RE: Environment for testing WebApp Security Scanners Enis Karaarslan (Aug 24)
- Re: [WEB SECURITY] RE: Environment for testing WebApp Security Scanners Enis Karaarslan (Aug 24)
- Re: [WEB SECURITY] RE: Environment for testing WebApp Security Scanners René Palige (Aug 24)
- Message not available
- Message not available
- RE: [WEB SECURITY] RE: Environment for testing WebApp Security Scanners Enis Karaarslan (Aug 24)
- Re: [WEB SECURITY] RE: Environment for testing WebApp Security Scanners René Palige (Aug 24)