Educause Security Discussion mailing list archives

Web application security scanners


From: Brad Judy <Brad.Judy () COLORADO EDU>
Date: Thu, 18 Jan 2007 15:09:54 -0700

We're starting to look into web application security scanning tools and
I wanted to ping the group and see what people found when looking into
this for themselves and what motivated their selection.  

After some initial digging, it looks like most people lean towards
SPI Dynamics' WebInspect or Watchfire's AppScan.  I plan on looking into
both of those.  

Obviously, none of these products are the end-all-be-all of web app
security, but they do address the basic need of common web app coding
errors for an initial level of validation of both in-house developed
apps as well as pre-purchase testing of commercial apps.  

So, what did you learn when looking into this space, what did you select
and why?  

Thanks,

Brad Judy

IT Security Office
Information Technology Services
University of Colorado at Boulder
