WebApp Sec mailing list archives
Re: Top webappsec testing vendors?
From: Bill Stout <billbrietstout () yahoo com>
Date: Wed, 9 Apr 2008 12:14:51 -0700 (PDT)
Hello All, Thank you for your responses. This is the list I have compiled so far, my apologies if I have missed a response. Aspect Security http://www.aspectsecurity.com/ ApplicCure http://www.applicure.com/ Compass Security (Swiss) http://www.csnc.ch/en/ Cybertrust (Verizon) http://www.cybertrust.com/ Deloitte & Touche http://www.deloitte.com Depth Security http://www.depthsecurity.com/ Ernst & Young http://www.ey.com/ Fortrex Technologies http:/www.fortrex.com Foundstone http://www.foundstone.com/us/index.asp GNU Citizen http://gnucitizen.com/ Gotham Digital Science http://www.gdssecurity.com/ IOActive http://www.ioactive.com/ ISEC Auditors (Spain) http://www.isecauditors.com/eng/index.html Korelogic http://www.korelogic.com/ Matasano http://www.matasano.com/log/mtso/ Neohapsis http://www.neohapsis.com/ NGS Software http://www.ngssoftware.com/ NTObjectives http://www.ntobjectives.com/ SecuRisk Solutions http://www.securisksolutions.com/ Spidynamics (HP) https://h10078.www1.hp.com/cda/hpms/display/main/hpms_content.jsp?zn=bto&cp=1-11-201_4000_100__ Whitehat Security http://www.whitehatsec.com/home/index.html Zion Security (Belgium) http://www.zionsecurity.com/ I haven't rank them and I believe it would be difficult to do so. Aspect has been recommended a few times, NGS Software is owned by David Litchfield who I've known since the mid-90's. Each vendor probably employs a well-respected webapp pentester, and I'm sure each engagement will have a different experience. I believe a pentester is an important addition to a security toolkit. Bill Stout ------------------------------------------------------------------------- Sponsored by: Watchfire Methodologies & Tools for Web Application Security Assessment With the rapid rise in the number and types of security threats, web application security assessments should be considered a crucial phase in the development of any web application. What methodology should be followed? What tools can accelerate the assessment process? Download this Whitepaper today! https://www.watchfire.com/securearea/whitepapers.aspx?id=70170000000940F -------------------------------------------------------------------------
Current thread:
- Re: Top webappsec testing vendors? WebAppSec Mailbox (Apr 09)
- Re: Top webappsec testing vendors? Jamie Riden (Apr 09)
- Administrivia: Webappsec Vendor Directory Andrew van der Stock (Apr 09)
- Re: Administrivia: Webappsec Vendor Directory bugtraq (Apr 10)
- Administrivia: Webappsec Vendor Directory Andrew van der Stock (Apr 09)
- <Possible follow-ups>
- Re: Top webappsec testing vendors? Bill Stout (Apr 09)
- Re: Top webappsec testing vendors? Jamie Riden (Apr 09)