HP's WebInspect

["Bradley, Stephen W. Mr." <bradlesw () MUOHIO EDU>]

Has anyone else had problems with HP's WebInspect lately or for that matter their customer support in general?

We have had WI for several years now and have a paid up maintenance contract and are receiving little to no response on 
a problem that cropped up after an update almost 7 weeks ago.

The problem is with the reporting function in version 8.0.625.1.  We can run the scans but if you select a report that 
has critical vulnerabilities in it the report generator crashes with invalid characters.  We have been told several 
stories so far about the problem and although they seem to be plausible stories it doesn't look like they are working 
to fix any of them.

The front runner in causes is that they hash the IP address in the scan data and that some of the hashes produce 
characters that cause the report generation of the software to crash.  Sounds good and they can duplicate the problem 
at will and they have other sites with the same problem so how hard can it be to fix it.

At this point we have what amounts to a very expensive piece of software that produces no useful information

Thanks
steve


Stephen W. Bradley SSCP GCIH GCFA CISSP

Network Security Specialist

Miami University

Security Engineering

Business & Infrastructure Services

513-529-8129

bradlesw () muohio edu<mailto:bradlesw () muohio edu>