From: Mike Pearson (mp@digitalstakeout.com)
Date: Sun Nov 06 2005 - 12:37:02 EST
My company conducted a through evaluation of SPI WebInspect, Watchfire
AppScan, Acunetix and various open source products and ended up choosing a
combination of AppScan and open source as the primary backend for our
service, Threat Portal VMS.
One thing to keep in mind is that Watchfire holds the definitive patent for
conducting intelligent web crawling for vulnerabilities. Both SPI and
Acunetix had to pay Watchfire multi-million dollar royalty payments in order
to use the patent. SPI may be a little faster with new updates but Watchfire
invented the process.
Mike Pearson
www.digitalstakeout.com
-----Original Message-----
From: Evans, Arian [mailto:Arian.Evans@fishnetsecurity.com]
Sent: Friday, November 04, 2005 1:53 PM
To: Aman Raheja; pen-test@securityfocus.com
Subject: RE: Spi's products worth a try? Or any suggestions for developers'
tool?
1. I would suggest SPI's tools are worth evaluation.
2. For other tools to evaluate, you will find a fairly
comprehensive starting point in this PPT:
http://www.owasp.org/docroot/owasp/misc/OWASP_DC_2005_Presentations/Track_2-
Day1/AppSec2005DC-Arian_Ev
ans_Tools-Taxonomy.ppt
-ae
> -----Original Message-----
> From: Aman Raheja [mailto:araheja@techquotes.com]
> Sent: Friday, November 04, 2005 12:56 AM
> To: pen-test@securityfocus.com
> Subject: Spi's products worth a try? Or any suggestions for
> developers' tool?
>
>
> Hello
> Anyone has any experiance with Spi's tools for web application
> vulnerability scanning?
> http://www.spidynamics.com/products/index.html
> I need to suggest developers' tool so that they can self assess their
> application and reduce the overhead of the testing team.
> Any advice?
> Thanks in advance.
> Regards
> Aman Raheja
>
> http://www.techquotes.com
>
>
> --------------------------------------------------------------
> ----------------
> Audit your website security with Acunetix Web Vulnerability Scanner:
>
> Hackers are concentrating their efforts on attacking
> applications on your
> website. Up to 75% of cyber attacks are launched on shopping
> carts, forms,
> login pages, dynamic content etc. Firewalls, SSL and
> locked-down servers are
> futile against web application hacking. Check your website
> for vulnerabilities
> to SQL injection, Cross site scripting and other web attacks
> before hackers do!
> Download Trial at:
>
> http://www.securityfocus.com/sponsor/pen-test_050831
> --------------------------------------------------------------
> -----------------
>
>
----------------------------------------------------------------------------
-- Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 ---------------------------------------------------------------------------- --- ------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:08 EDT