[Owasp-delhi] IBM AppSCAN & HP Webinspect comparison

Iyer, Anantharaman anantharaman.iyer at capgemini.com
Tue Mar 2 00:18:40 EST 2010


I feel every scanner has its pros & cons, so the only way to determine the best for your needs are to test it against your applications before making a final call. I have been reading reports and reviews by many authors and no two reports point out a clear winner.

 I am attaching one more report published in Feb 2010 on web application scanners comparison.

Gautam, this report will give some reason to re-consider WebInspect and consider NTOSpider ;-)

Regards,

Anantharaman Iyer


From: owasp-delhi-bounces at lists.owasp.org [mailto:owasp-delhi-bounces at lists.owasp.org] On Behalf Of John, Arun (HP Software-as-a-Service)
Sent: Monday, March 01, 2010 9:05 PM
To: Gautam Pagedar; Abir Banerjee
Cc: owasp-delhi at lists.owasp.org
Subject: Re: [Owasp-delhi] IBM AppSCAN & HP Webinspect comparison

So has HP/SpiDynamics with Assessment Management Platform.
www.hp.com/go/securitysoftware<http://www.hp.com/go/securitysoftware> for info on these tools.

Regards
John

From: owasp-delhi-bounces at lists.owasp.org [mailto:owasp-delhi-bounces at lists.owasp.org] On Behalf Of Gautam Pagedar
Sent: Monday, March 01, 2010 9:29 AM
To: Abir Banerjee
Cc: owasp-delhi at lists.owasp.org
Subject: Re: [Owasp-delhi] IBM AppSCAN & HP Webinspect comparison

It great to see the comparison. We are using AppScan for more than 5 years now and I somehow feel that it does not give me full control to do everything.

Its of course a good tool for novice starting AppSec. We also use Cenzic and it give me some extra features and maybe also a way to compare every time I get into a engagement.

FYI, AppScan has a Enterprise version and its a cool tool for a enterprise wise deployment and getting AppSec testing into SDLC.

Abir,

Thanks for this report. It gives me a good reason to try WebInspect :-)

thanks,
Gautam
----- Original Message -----
From: Abir Banerjee<mailto:dipzone2000 at yahoo.co.in>
To: manikgupta19 at sqatester.com<mailto:manikgupta19 at sqatester.com>
Cc: owasp-delhi at lists.owasp.org<mailto:owasp-delhi at lists.owasp.org>
Sent: Saturday, February 27, 2010 7:24 AM
Subject: Re: [Owasp-delhi] IBM AppSCAN & HP Webinspect comparison

Hello Manik,

Webinspect is much better than Appscan since appscan shows up a lot of false positives and the best web vulnerablity canner would be Acunetix WVS + Acusensor. Please the comparision file attached.
Regards,

Abeer Banerjee
+91 9987099708
________________________________
From: Manik Gupta <manikgupta19 at sqatester.com<mailto:manikgupta19 at sqatester.com>>
To: owasp-delhi at lists.owasp.org<mailto:owasp-delhi at lists.owasp.org>
Sent: Mon, 22 February, 2010 10:22:14 AM
Subject: [Owasp-delhi] IBM AppSCAN & HP Webinspect comparison
Hi,

Kindly let me know which tool is better for penetration testing among IBM AppSCAN & HP Webinspect.


Regards,
Manik


________________________________
Join SQAtester.com Community  ---> http://www.sqatester.com/testersarea/joinus.htm

________________________________
Your Mail works best with the New Yahoo Optimized IE8. Get it NOW!<http://in.rd.yahoo.com/tagline_ie8_new/*http:/downloads.yahoo.com/in/internetexplorer/>.
________________________________
_______________________________________________
Owasp-delhi mailing list
Owasp-delhi at lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-delhi






This message contains information that may be privileged or confidential and is the property of the Capgemini Group. It is 
intended only for the person to whom it is addressed. If you are not the intended recipient, you are not authorized to 
read, print, retain, copy, disseminate, distribute, or use this message or any part thereof. If you receive this message 
in error, please notify the sender immediately and delete all copies of this message.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-delhi/attachments/20100302/b22a3923/attachment-0001.html 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Accuracy_and_Time_Costs_of_Web_App_Scanners.pdf
Type: application/pdf
Size: 653285 bytes
Desc: Accuracy_and_Time_Costs_of_Web_App_Scanners.pdf
Url : https://lists.owasp.org/pipermail/owasp-delhi/attachments/20100302/b22a3923/attachment-0001.pdf 


More information about the Owasp-delhi mailing list