Penetration Testing mailing list archives
Re: [PEN-TEST] AppScan
From: "john.george" <john.george () HOME COM>
Date: Fri, 22 Sep 2000 10:15:06 -0700
We currently have an evaluation copy of AppScan 1.5. 1.5 will scan SSL connections now that the RSA Patten has expired. I've seen both demos of AppShield and AppScan and both were hits. Not a lick of problems. Of course the were using there own web server to scan for exploits. The list price is a little step, but I don't have to worry about that right now. I'm just doing the evaluation phase first. I will worry about the price later. Currently when it comes to Application Scanning, Sanctum doesn't seem to have much competition. I've done some homework on this for sure. Now on the AppShield, their seems to be products that try to hit that market but fall way short. I have also looked into this pretty extensive and can give you more info on this if needed. Please lets keep intouch about this, I'm sure I will miss something along the way. John G. ----- Original Message ----- From: "Wade A. Malone" <wamalone () earthlink net> To: "john.george" <john.george () home com> Sent: Thursday, September 21, 2000 5:15 AM Subject: Re: AppScan
John, I'm surprised you paid the price for this piece of software. Actually I thought Sanctuminc ran it as an ASP. I have seen demos of both Appscan
and
Appshield, lots of problems. They have great reporting features, but the dynamics of the software are questionable. I'll compile soem more info. How much did you pay for the version? And
did
you look for other comparable products. I'll get back to you soon. Wade A. ----- Original Message ----- From: "john.george" <john.george () home com> To: "Wade A. Malone" <wamalone () earthlink net> Sent: Thursday, September 21, 2000 1:07 AM Subject: Re: AppScanCurrently I have no gripes about the software. Then again I just
installed
the software yesterday. I just wanted to see if anyone had any
experience
with it yet. Thanks, John G. ----- Original Message ----- From: "Wade A. Malone" <wamalone () earthlink net> To: <john.george () HOME COM> Sent: Wednesday, September 20, 2000 4:17 PM Subject: Re: AppScanJohn, What gripes or complaints do you have, what would you like to see. Wade----- Original Message ----- From: "john.george" <john.george () HOME COM> To: <PEN-TEST () SECURITYFOCUS COM> Sent: Wednesday, September 20, 2000 4:47 PM Subject: AppScanI very interested in knowing if anyone has any experience with an application scanner called AppScan. It is suppose to be able tocontinuewhere ISS left off, the application level. I started to evaluatethissoftware today and want to see if anyone else has any good or badpointstothe scanner. The scanner is by http://www.sanctuminc.com . Thanks, John G.
Current thread:
- [PEN-TEST] AppScan john.george (Sep 20)
- Re: [PEN-TEST] AppScan John Weekley (Sep 20)
- <Possible follow-ups>
- Re: [PEN-TEST] AppScan Yonatan Bokovza (Sep 22)
- Re: [PEN-TEST] AppScan john.george (Sep 22)
- Re: [PEN-TEST] AppScan john.george (Sep 22)
- Re: [PEN-TEST] AppScan Briney, Andy (Sep 22)
- Re: [PEN-TEST] AppScan john.george (Sep 24)