[Owasp-delhi] IBM AppSCAN & HP Webinspect comparison

Srikar Sagi srikarsagi at yahoo.com
Tue Mar 2 04:58:52 EST 2010


it all boils down to value for money; how many features a tool has for the same money how much it compares with other tool(s).

Thanks & Regards, 



Srikar  Sagi 

09342-8648-18/0917-66-176-99

--- On Tue, 2/3/10, Iyer, Anantharaman <anantharaman.iyer at capgemini.com> wrote:

From: Iyer, Anantharaman <anantharaman.iyer at capgemini.com>
Subject: Re: [Owasp-delhi] IBM AppSCAN & HP Webinspect comparison
To: "owasp-delhi at lists.owasp.org" <owasp-delhi at lists.owasp.org>
Date: Tuesday, 2 March, 2010, 10:48 AM




 
 







I feel every scanner has its pros & cons, so the only way to
determine the best for your needs are to test it against your applications
before making a final call. I have been reading reports and reviews by many
authors and no two reports point out a clear winner. 

   

 I am attaching one more report published in Feb 2010 on
web application scanners comparison.  

   

Gautam, this report will give some reason to re-consider WebInspect
and consider NTOSpider ;-) 

   



Regards, 



Anantharaman Iyer  

   



   





From: owasp-delhi-bounces at lists.owasp.org
[mailto:owasp-delhi-bounces at lists.owasp.org] On Behalf Of John, Arun (HP
Software-as-a-Service)

Sent: Monday, March 01, 2010 9:05 PM

To: Gautam Pagedar; Abir Banerjee

Cc: owasp-delhi at lists.owasp.org

Subject: Re: [Owasp-delhi] IBM AppSCAN & HP Webinspect comparison 





   

So has HP/SpiDynamics with Assessment Management Platform. 

www.hp.com/go/securitysoftware
for info on these tools. 

   

Regards 

John 

   





From:
owasp-delhi-bounces at lists.owasp.org [mailto:owasp-delhi-bounces at lists.owasp.org]
On Behalf Of Gautam Pagedar

Sent: Monday, March 01, 2010 9:29 AM

To: Abir Banerjee

Cc: owasp-delhi at lists.owasp.org

Subject: Re: [Owasp-delhi] IBM AppSCAN & HP Webinspect comparison 





   





It
great to see the comparison. We are using AppScan for more than 5 years now and
I somehow feel that it does not give me full control to do everything. 





  





Its
of course a good tool for novice starting AppSec. We also use Cenzic and it
give me some extra features and maybe also a way to compare every time I get
into a engagement. 





  





FYI,
AppScan has a Enterprise version and its a cool tool for a enterprise wise
deployment and getting AppSec testing into SDLC. 





  





Abir, 





  





Thanks
for this report. It gives me a good reason to try WebInspect :-) 





  





thanks, 





Gautam 









-----
Original Message -----  





From: Abir Banerjee  





To: manikgupta19 at sqatester.com
 





Cc: owasp-delhi at lists.owasp.org
 





Sent: Saturday, February
27, 2010 7:24 AM 





Subject: Re: [Owasp-delhi]
IBM AppSCAN & HP Webinspect comparison 





   







Hello Manik, 





  





Webinspect is much better than Appscan since appscan shows
up a lot of false positives and the best web vulnerablity canner would be
Acunetix WVS + Acusensor. Please the comparision file attached. 





Regards, 





  





Abeer Banerjee 





+91 9987099708 











From: Manik Gupta <manikgupta19 at sqatester.com>

To: owasp-delhi at lists.owasp.org

Sent: Mon, 22 February, 2010 10:22:14 AM

Subject: [Owasp-delhi] IBM AppSCAN & HP Webinspect comparison 





Hi, 





  





Kindly
let me know which tool is better for penetration testing among IBM AppSCAN
& HP Webinspect. 





  





  





Regards, 





Manik 





  







Join
SQAtester.com Community  --->
http://www.sqatester.com/testersarea/joinus.htm 







   







Your Mail works best with the New Yahoo Optimized IE8. Get it NOW!.  







_______________________________________________

Owasp-delhi mailing list

Owasp-delhi at lists.owasp.org

https://lists.owasp.org/mailman/listinfo/owasp-delhi 










This message contains information that may be privileged or confidential and is the property of the Capgemini Group. It is 
intended only for the person to whom it is addressed. If you are not the intended recipient, you are not authorized to 
read, print, retain, copy, disseminate, distribute, or use this message or any part thereof. If you receive this message 
in error, please notify the sender immediately and delete all copies of this message.
 


-----Inline Attachment Follows-----

_______________________________________________
Owasp-delhi mailing list
Owasp-delhi at lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-delhi



      Your Mail works best with the New Yahoo Optimized IE8. Get it NOW! http://downloads.yahoo.com/in/internetexplorer/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-delhi/attachments/20100302/60fecbaf/attachment-0001.html 


More information about the Owasp-delhi mailing list