[Owasp-access-control-rules-tester-project] commercial Access Control Rules Testing

Andrew Petukhov petand at lvk.cs.msu.su
Tue Jun 17 08:50:09 EDT 2008

Mat Caughron wrote:

> Hi Andrew:
> IBM has a thing called the Rational Policy Tester.  It comes in three 
> editions: policy tester for accessibility compliance, privacy edition 
> for privacy compliance, and quality edition for centralized scanning 
> of web content for quality.    I think these are all tools from 
> WatchFire, but I have not seem them yet.
> I've subscribed to the mailing list for the access control rules 
> testing project.
> Mat Caughron, CISSP
> (408) 910-1266
Hello everybody.
Thanks for joining this list!

Mat, thanks for the idea. These tools are indeed after Watchfire group:
I have read the datasheets presented at
According to the provided descriptions, Policy Tester Accessibility
Edition and Policy Tester Quality Edition are useless in access control
testing (please, correct me, if I am wrong). So the only interesting
thing is Policy Tester Privacy Edition. Alas, there is no trial version.
Think, I'll need to contact IBM to see was this tool is capable of.

P.S. for Mat: I am kindly asking you to edit the

page simirlarly ti what Min has done - please put a link to a short
summary about youself. Or just drop me a line - and I'll make it on your

Kind regards everyone,
Andrew Petukhov

More information about the Owasp-access-control-rules-tester-project mailing list