[Owasp-delhi] how effective is "cenzic hailstorm" automated tool ?
c70n3r at gmail.com
Tue Aug 25 06:43:00 EDT 2009
Acunetix would be your last choice, unless you have strict budget constraints.
AppScan & WebInspect are the only ones capable of finding Flash
related security issues. Technology wise AppScan is superior since
WebInspect is limited to decompilation. Other scanners who claim to do
Flash testing barely do Flash settings test. So if you have Flash, go
for AppScan. If you have a bit more money include WebInspect as well.
I always believe & realized - more scanners the better.
If you are scanning for malware, only AppScan does that. Now why does
only AppScan do that & no one else? Well ISS is also part of IBM.
AppScan leverages technology from ISS product suite.
If you have Ajax, it would be again AppScan. I have not really seen
others in this aspect.
I have heard good things about Cenzic but it lacks some features that
AppScan & WebInspect boast of. Additionally the later are both matured
On Tue, Aug 25, 2009 at 3:46 PM, suresh
tiwary<sureshtiwary at rediffmail.com> wrote:
> issue: how effective is "cenzic hailstorm" automated tool ?
> hi Friends,
> Can anyone share experience of using the cenzic tool and its user guide. how
> do you comapre with Appscan and Acunetix ? Comments and suggestion are
> Thanks & regards,
> Owasp-delhi mailing list
> Owasp-delhi at lists.owasp.org
More information about the Owasp-delhi