Educause Security Discussion mailing list archives

Re: Cenzic Hailstorm vs Rational AppScan from IBM

From: Jon Hanny <jehanny () GWU EDU>
Date: Thu, 11 Dec 2008 13:52:26 -0500

We bough Cenzic almost a year ago and thus far are happy with the product.
Having said that, there really is no replacement for a well seasoned
penetration tester. I did not try Appscan so I cannot speak to how they
compare.

Respectfully,

Jon Hanny, CISSP
Application Security Specialist
The George Washington University
703-726-4469
jehanny () gwu edu
appsec () gwu edu



-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Erik Decker
Sent: Thursday, December 11, 2008 1:23 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Cenzic Hailstorm vs Rational AppScan from IBM

All,

We are currently evaluating two web vulnerability scanning products:  Cenzic
Hailstrom and IBM's appscan.

Has anyone ever used Hailstorm before?  If so, do you like their product?
Did you run a comparison against Appscan?

Cenzic seems to be a new player to this market.  Their product seems fairly
robust, but we are a little unsure of it.  Our team has used Appscan in the
past, but we are open to change.

Thanks!
--

----
Erik Decker
Security Administrator
Information Technology Services

Current thread:

Cenzic Hailstorm vs Rational AppScan from IBM Erik Decker (Dec 11)
- <Possible follow-ups>
- Re: Cenzic Hailstorm vs Rational AppScan from IBM Logan, Kim (loganks) (Dec 11)
- Re: Cenzic Hailstorm vs Rational AppScan from IBM Jon Hanny (Dec 11)
- Re: Cenzic Hailstorm vs Rational AppScan from IBM Neil Matatall (Dec 11)
- Re: Cenzic Hailstorm vs Rational AppScan from IBM David Auclair (Dec 11)