WebApp Sec mailing list archives

Re: Web Site Certification

From: Nathaniel Hall <lists () nathanhall net>
Date: Thu, 27 Apr 2006 08:23:34 -0500

Marco Passarella wrote:

Hi all,
what do you think about the remote services that promise your site to
be "hacker free"?
Can you really monitor remotely the security of a site using a scanner?
Here is an example:
http://www.scanalert.com/

It isn't that the site is necessarily "hacker free."  They have simply
guaranteed that the site is not vulnerable to the FBI/SANS top
vulnerabilities (www.sans.org/top20/).  They also meet various credit
card requirements (VISA CISP/PCI).  Click on the "Hacker Safe" logo to
see an explanation.

-- 
Nathaniel Hall, GSEC GCFW GCIA


-------------------------------------------------------------------------
Sponsored by: Watchfire

Watchfire's AppScan is the industry's first and leading web application 
security testing suite, and the only solution to provide comprehensive 
remediation tasks at every level of the application. Change the way you 
think about application security testing - See for yourself. 
Download a Free Trial of AppScan 6.0 today!

https://www.watchfire.com/securearea/appscansix.aspx?id=701300000007kaF
--------------------------------------------------------------------------

Current thread:

Web Site Certification Marco Passarella (Apr 27)
- Re: Web Site Certification Dean H. Saxe (Apr 27)
- Re: Web Site Certification Nathaniel Hall (Apr 27)
- <Possible follow-ups>
- RE: Web Site Certification Craig Wright (Apr 27)
- RE: Web Site Certification Craig Wright (Apr 27)
- RE: Web Site Certification Adam Mikrut (Apr 27)
  - Re: Web Site Certification Adam Tuliper (Apr 28)
- Re: Web Site Certification Admin Dbtech (Apr 27)
- Re: Web Site Certification ROB DIXON (Apr 27)
- RE: Web Site Certification ROB DIXON (May 01)