Home page logo

basics logo Security Basics mailing list archives

Re: Web Application Vulnerability Scanner
From: zackPeters75 () yahoo com
Date: 2 Nov 2007 01:25:42 -0000

I had to evaluate some automated web app scanners a few months back. We weren't using anything and I was tasked with 
choosing one. I ended up looking at the big three (Spi, Watchfire, Cenzic) and chose Cenzic's Hailstorm. 

From a web app vulnerability perspective, I love it. Tons of options to customize and tweak. As I keep learning more 
about web app security, I find that I can directly configure their product to do what I want.

PCI was an element of our eval but not a huge part. I can give our developers what they need to fix and how. We still 
need to hire an outside auditor / certification agency for that final sign off. 

My two cents.


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]