[Owasp-austin] Web Application Security Scanners

Smith, Milton msmith at ercot.com
Fri Oct 3 18:14:50 EDT 2008


We use AMP which an enterprise version of webinspect. The tool is a nice fit into your SDLC test processes. While these tool are helpful they do have technical limitations.


Sent via Blackberry


From: owasp-austin-bounces at lists.owasp.org 
To: David Hughes ; owasp-austin 
Sent: Fri Oct 03 10:47:10 2008
Subject: Re: [Owasp-austin] Web Application Security Scanners 

I am currently using WebInspect and have recently evaluated AppScan. These two are considered the top two commercial tools for Web Application vulnerability scanning. Both of them are expensive and have some good features I like.


Lisa Wei
Information Security Office


From: owasp-austin-bounces at lists.owasp.org [mailto:owasp-austin-bounces at lists.owasp.org] On Behalf Of David Hughes
Sent: Friday, October 03, 2008 10:23 AM
To: owasp-austin
Subject: [Owasp-austin] Web Application Security Scanners



While I've had experience with vulnerability scanners (Core, Nessus, etc) I've never really looked into what's out there with regards to vuln scanners that focus on Web Application Vulnerability scanning.  I'm trying to compile a list of security tools that are "out there" and was wondering what you all know about/use/recommend.  I have a pretty full list of other tools, but my web app section is pretty lean. Any thoughts? Could be open source, commercial, etc. 


David H. 

In-Depth Security
823 Congress Avenue, #1510
Austin, TX  78701
mobile: 512.623.9550


-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-austin/attachments/20081003/5a5c3c74/attachment.html 

More information about the Owasp-austin mailing list