[Owasp-boston] Web application security scanner recommendation

Bernie Mamorbor Bernie.Mamorbor at sas.com
Thu Oct 9 15:13:19 UTC 2014


I have executed AppScan Enterprise against our solutions with good results.

Dennis, we would all like to hear your results.

Thanks,
Bernie

From: owasp-boston-bounces at lists.owasp.org [mailto:owasp-boston-bounces at lists.owasp.org] On Behalf Of George Ehrhorn
Sent: Thursday, October 09, 2014 8:18 AM
To: d.antunes at comcast.net; mario.desousa at coderedinc.com
Cc: Owasp-boston at lists.owasp.org
Subject: Re: [Owasp-boston] Web application security scanner recommendation

We have had very good results with IBM App Scan. At a previous company we had very good results with HP WebInspect.

Dennis, I think the list would benefit from hearing your results.


From: owasp-boston-bounces at lists.owasp.org<mailto:owasp-boston-bounces at lists.owasp.org> [mailto:owasp-boston-bounces at lists.owasp.org] On Behalf Of d.antunes at comcast.net<mailto:d.antunes at comcast.net>
Sent: Wednesday, October 08, 2014 20:54
To: mario.desousa at coderedinc.com<mailto:mario.desousa at coderedinc.com>
Cc: Owasp-boston at lists.owasp.org<mailto:Owasp-boston at lists.owasp.org>
Subject: Re: [Owasp-boston] Web application security scanner recommendation

I just did a substantial bakeoff. It really depends on your requirements though.

See Shay Chen's http://sectooladdict.blogspot.com for extensive analysis and try to align your needs.

Email me off list if you'd like to hear my results.

Dennis


Sent from XFINITY Connect Mobile App
-----Original Message-----

From: mario.desousa at coderedinc.com<mailto:mario.desousa at coderedinc.com>
To: jikbal at gmail.com<mailto:jikbal at gmail.com>
Cc: Owasp-boston at lists.owasp.org<mailto:Owasp-boston at lists.owasp.org>
Sent: 2014-10-08 18:26:43 GMT
Subject: Re: [Owasp-boston] Web application security scanner recommendation

I had a good experience with WhiteHat last year. It's a SaaS product... Easy to setup and thorough. They have a service that also includes human review of the application to find security issues that are in the business logic.

Sent from my iPhone

> On Oct 8, 2014, at 5:26 PM, "Javed Ikbal" wrote:
>
> I am in the market for a web application scanner.
>
> I have experience with appscan, webinspect and acinetix, although with
> older versions.
>
> I am not looking for a service like Qualys or Whitehat at this time.
>
> Any comments about these and anything else out there?
>
> If you recommend a product, please share why you like it.
>
> [ I am happy to receive comments from salespeople pushing their own
> product, but in that case please email me directly instead of the list
> ]
>
> Thanks in advance.
>
> Javed
> _______________________________________________
> Owasp-boston mailing list
> Owasp-boston at lists.owasp.org<mailto:Owasp-boston at lists.owasp.org>
> https://lists.owasp.org/mailman/listinfo/owasp-boston
_______________________________________________
Owasp-boston mailing list
Owasp-boston at lists.owasp.org<mailto:Owasp-boston at lists.owasp.org>
https://lists.owasp.org/mailman/listinfo/owasp-boston
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-boston/attachments/20141009/5a45b2a5/attachment-0001.html>


More information about the Owasp-boston mailing list