From: Rui Pereira (WCG) (wavefront1@shaw.ca)
Date: Sun Nov 06 2005 - 01:07:12 EST
I have been using SPI Dynamic's WebInspect for over a year now and can
safely say that I am very pleased with its functionality, performance,
granularity and ability to ferret out potential flaws in web applications of
different stripes. Then again, I am using it in a security review/pen-test
mode, and cannot directly speak to its usability as a tool for the
developer's themselves to use. Maybe someone who has used it during the
evaluation process will care to speak up...
Thank You
Rui Pereira,B.Sc.(Hons),CIPS ISP,CISSP,CISA
Principal Consultant
WaveFront Consulting Group
Certified Information Systems Security Professionals
wavefront1@shaw.ca
-----Original Message-----
From: Evans, Arian [mailto:Arian.Evans@fishnetsecurity.com]
Sent: November 4, 2005 10:53 AM
To: Aman Raheja; pen-test@securityfocus.com
Subject: RE: Spi's products worth a try? Or any suggestions for developers'
tool?
1. I would suggest SPI's tools are worth evaluation.
2. For other tools to evaluate, you will find a fairly comprehensive
starting point in this PPT:
http://www.owasp.org/docroot/owasp/misc/OWASP_DC_2005_Presentations/Track_2-
Day1/AppSec2005DC-Arian_Ev
ans_Tools-Taxonomy.ppt
-ae
> -----Original Message-----
> From: Aman Raheja [mailto:araheja@techquotes.com]
> Sent: Friday, November 04, 2005 12:56 AM
> To: pen-test@securityfocus.com
> Subject: Spi's products worth a try? Or any suggestions for
> developers' tool?
>
>
> Hello
> Anyone has any experiance with Spi's tools for web application
> vulnerability scanning?
> http://www.spidynamics.com/products/index.html
> I need to suggest developers' tool so that they can self assess their
> application and reduce the overhead of the testing team.
> Any advice?
> Thanks in advance.
> Regards
> Aman Raheja
>
> http://www.techquotes.com
>
>
> --------------------------------------------------------------
> ----------------
> Audit your website security with Acunetix Web Vulnerability Scanner:
>
> Hackers are concentrating their efforts on attacking
> applications on your
> website. Up to 75% of cyber attacks are launched on shopping
> carts, forms,
> login pages, dynamic content etc. Firewalls, SSL and
> locked-down servers are
> futile against web application hacking. Check your website
> for vulnerabilities
> to SQL injection, Cross site scripting and other web attacks
> before hackers do!
> Download Trial at:
>
> http://www.securityfocus.com/sponsor/pen-test_050831
> --------------------------------------------------------------
> -----------------
>
>
----------------------------------------------------------------------------
-- Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 ---------------------------------------------------------------------------- --- ------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:08 EDT