Network Security: Detailed info on Re: Environment for testing WebApp Security Scanners

Subject:	Re: Environment for testing WebApp Security Scanners
Date:	Wed, 9 Aug 2006 10:09:43 +1000

Subject:

Re: Environment for testing WebApp Security Scanners

Date:

Wed, 9 Aug 2006 10:09:43 +1000

On 8/9/06, Dean H. Saxe <dean@fullfrontalnerdity.com> wrote:

Then why haven't the tool vendors gone down that path?  They are
marketing to the lowest common denominator.  People who want to check
a box and say "I'm secure!"


Well sure they are primarily in the business of business, and
secondarily in the business of trying to do a service to the world by
helping companies secure their apps.

But you'd know why better then me, considering your work for one.

Granted, web app scanners can be used as part of a secure SDLC, but
I'd venture to guess that the vast majority of organizations don't
implement them within an S-SDLC.  Most probably don't ever do a
follow-up with a manual pen test.

-dhs


-- mic

-------------------------------------------------------------------------
Sponsored by: Watchfire

Watchfire was recently named the worldwide market leader in Web application security assessment tools by both Gartner and IDC. Download a free trial of AppScan today and see why more customers choose AppScan then any other solution. Try it today! https://www.watchfire.com/securearea/appscancamp.aspx?id=701500000008VnB --------------------------------------------------------------------------

<Prev in Thread]	Current Thread	[Next in Thread>
Environment for testing WebApp Security Scanners, René Palige RE: Environment for testing WebApp Security Scanners, Mark Curphey Re: Environment for testing WebApp Security Scanners, Roman H. RE: Environment for testing WebApp Security Scanners, Brokken, Allen P. Re: Environment for testing WebApp Security Scanners, Dean H. Saxe Re: Environment for testing WebApp Security Scanners, Gerald Quakenbush RE: Environment for testing WebApp Security Scanners, Mark Curphey Re: Environment for testing WebApp Security Scanners, mikeiscool Re: Environment for testing WebApp Security Scanners, Dean H. Saxe Re: Environment for testing WebApp Security Scanners, mikeiscool <= Re: Environment for testing WebApp Security Scanners, c0redump Re: Environment for testing WebApp Security Scanners, mikeiscool RE: Environment for testing WebApp Security Scanners, Evans, Arian Re: [WEB SECURITY] RE: Environment for testing WebApp Security Scanners, Enis Karaarslan Message not available Message not available RE: [WEB SECURITY] RE: Environment for testing WebApp Security Scanners, Enis Karaarslan Re: [WEB SECURITY] RE: Environment for testing WebApp Security Scanners, René Palige Message not available Message not available RE: [WEB SECURITY] RE: Environment for testing WebApp Security Scanners, Enis Karaarslan Re: [WEB SECURITY] RE: Environment for testing WebApp Security Scanners, René Palige

<Prev in Thread]

Current Thread

[Next in Thread>

Previous by Date:	Re: Environment for testing WebApp Security Scanners, Dean H. Saxe
Next by Date:	Re: Environment for testing WebApp Security Scanners, Gerald Quakenbush
Previous by Thread:	Re: Environment for testing WebApp Security Scanners, Dean H. Saxe
Next by Thread:	Re: Environment for testing WebApp Security Scanners, c0redump
Indexes:	[Date] [Thread] [Top] [All Lists]

Previous by Date:

Re: Environment for testing WebApp Security Scanners, Dean H. Saxe

Next by Date:

Re: Environment for testing WebApp Security Scanners, Gerald Quakenbush

Previous by Thread:

Re: Environment for testing WebApp Security Scanners, Dean H. Saxe

Next by Thread:

Re: Environment for testing WebApp Security Scanners, c0redump

Indexes:

[Date] [Thread] [Top] [All Lists]