Educause Security Discussion
mailing list archives
Re: Cenzic Hailstorm vs Rational AppScan from IBM
From: Jon Hanny <jehanny () GWU EDU>
Date: Thu, 11 Dec 2008 13:52:26 -0500
We bough Cenzic almost a year ago and thus far are happy with the product.
Having said that, there really is no replacement for a well seasoned
penetration tester. I did not try Appscan so I cannot speak to how they
Jon Hanny, CISSP
Application Security Specialist
The George Washington University
jehanny () gwu edu
appsec () gwu edu
From: The EDUCAUSE Security Constituent Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Erik Decker
Sent: Thursday, December 11, 2008 1:23 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Cenzic Hailstorm vs Rational AppScan from IBM
We are currently evaluating two web vulnerability scanning products: Cenzic
Hailstrom and IBM's appscan.
Has anyone ever used Hailstorm before? If so, do you like their product?
Did you run a comparison against Appscan?
Cenzic seems to be a new player to this market. Their product seems fairly
robust, but we are a little unsure of it. Our team has used Appscan in the
past, but we are open to change.
Information Technology Services