Penetration Testing mailing list archives
Re: Opinions of automated testers
From: Dotzero <dotzero () gmail com>
Date: Tue, 8 May 2007 09:06:01 -0400
On 8 May 2007 03:58:22 -0000, zackpeters75 () yahoo com <zackpeters75 () yahoo com> wrote:
Hi, My manager gave me our pen testing project and I'm still coming up to speed so forgive me if this question is not 100% list appropriate. From what I can tell the top 3 automated pen testing programs are from SPI Dynamics, Cenzic and Watchfire. I haven't evaled any of them quite yet but they each seem to have their advantages and disadvantages. Cenzic is claiming to be the most accurate at least according to their 20/20 marketing program http://www.cenzic.com/forms/ec.php?pubid=10076 but I'm wondering what people have actually seen.
Erin gave an excellent response to you.... read carefully. Not too long ago I did an in-depth evaluation of all 3 products. I had looked at them in the past and we were finally in a position to make a purchase decision. Each of the products has strengths and weaknesses. They all do a pretty good job and from day to day one will be ahead of the others and then a different one. Most of the differences show up in the bells and whistles, report presentation, etc. For me it almost comes down to flavors of ice cream. I prefer vanilla but you may prefer chocolate. We ultimately chose WebInspect (SpiDynamics) but it was a close decision all the way around. One important caveat is that these are tools and if the person using the tool doesn't understand how to use the tool properly then their mileage may vary. ------------------------------------------------------------------------ This List Sponsored by: Cenzic Are you using SPI, Watchfire or WhiteHat? Consider getting clear vision with Cenzic See HOW Now with our 20/20 program! http://www.cenzic.com/c/2020 ------------------------------------------------------------------------
Current thread:
- RE: Opinions of automated testers, (continued)
- RE: Opinions of automated testers M. Groen (May 09)
- RE: Opinions of automated testers Erin Carroll (May 09)
- Re: Opinions of automated testers Joern Ahrens (May 10)
- RE: Opinions of automated testers John Reno (May 09)
- Re: Opinions of automated testers Lee Lawson (May 10)
- RE: Opinions of automated testers M. Groen (May 09)
- RE: Opinions of automated testers Kevin Reiter (May 09)
- Re: Opinions of automated testers Benny Tsai (May 09)
- Re: Opinions of automated testers Joey Peloquin (May 10)
- RE: Opinions of automated testers Vishal Garg (May 10)
- Re: Opinions of automated testers rajat swarup (May 15)
- Re: Opinions of automated testers Lee Lawson (May 08)