[Owasp-austin] Web Application Security Scanners

Smith, Milton msmith at ercot.com
Fri Oct 3 18:14:50 EDT 2008


David,

We use AMP which an enterprise version of webinspect. The tool is a nice fit into your SDLC test processes. While these tool are helpful they do have technical limitations.

Regards,
Milton


Sent via Blackberry

________________________________

From: owasp-austin-bounces at lists.owasp.org 
To: David Hughes ; owasp-austin 
Sent: Fri Oct 03 10:47:10 2008
Subject: Re: [Owasp-austin] Web Application Security Scanners 


I am currently using WebInspect and have recently evaluated AppScan. These two are considered the top two commercial tools for Web Application vulnerability scanning. Both of them are expensive and have some good features I like.

 

Lisa Wei
Information Security Office
3-4218

________________________________

From: owasp-austin-bounces at lists.owasp.org [mailto:owasp-austin-bounces at lists.owasp.org] On Behalf Of David Hughes
Sent: Friday, October 03, 2008 10:23 AM
To: owasp-austin
Subject: [Owasp-austin] Web Application Security Scanners

 

All,

While I've had experience with vulnerability scanners (Core, Nessus, etc) I've never really looked into what's out there with regards to vuln scanners that focus on Web Application Vulnerability scanning.  I'm trying to compile a list of security tools that are "out there" and was wondering what you all know about/use/recommend.  I have a pretty full list of other tools, but my web app section is pretty lean. Any thoughts? Could be open source, commercial, etc. 

Thanks

David H. 

 
-- 
David Hughes, CISSP,MCSA,MCSE
In-Depth Security
823 Congress Avenue, #1510
Austin, TX  78701
office:512.394.3754
mobile: 512.623.9550
www.indepthsec.com
 

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-austin/attachments/20081003/5a5c3c74/attachment.html 


More information about the Owasp-austin mailing list