WebApp Sec mailing list archives
Re: Web Site Certification
From: Admin Dbtech <admin () dbtech org>
Date: Thu, 27 Apr 2006 21:04:53 +0530
Hey,To be very honest, I believe most of these services are nothing less then a very false sense of security.
In the past I have had many clients who relied on these organizations for their security testing however during penetration testing I successfully compromised these clients either through the web application or with known exploits from the metasploit framework.
Anyone who is involved with security can testify that automated services can NEVER replace a human audit and anyone that says that they guarantee security doesn't know what they are talking about.
Regards, Yash Kadakia Senior Security Researcher Deadbolt Computer Technologies http://www.dbtech.org Marco Passarella wrote:
Hi all, what do you think about the remote services that promise your site to be "hacker free"? Can you really monitor remotely the security of a site using a scanner? Here is an example: http://www.scanalert.com/ Thanks, Mark ------------------------------------------------------------------------- Sponsored by: WatchfireWatchfire's AppScan is the industry's first and leading web application security testing suite, and the only solution to provide comprehensive remediation tasks at every level of the application. Change the way you think about application security testing - See for yourself. Download a Free Trial of AppScan 6.0 today!https://www.watchfire.com/securearea/appscansix.aspx?id=701300000007kaF--------------------------------------------------------------------------
------------------------------------------------------------------------- Sponsored by: WatchfireWatchfire's AppScan is the industry's first and leading web application security testing suite, and the only solution to provide comprehensive remediation tasks at every level of the application. Change the way you think about application security testing - See for yourself. Download a Free Trial of AppScan 6.0 today!
https://www.watchfire.com/securearea/appscansix.aspx?id=701300000007kaF --------------------------------------------------------------------------
Current thread:
- Web Site Certification Marco Passarella (Apr 27)
- Re: Web Site Certification Dean H. Saxe (Apr 27)
- Re: Web Site Certification Nathaniel Hall (Apr 27)
- <Possible follow-ups>
- RE: Web Site Certification Craig Wright (Apr 27)
- RE: Web Site Certification Craig Wright (Apr 27)
- RE: Web Site Certification Adam Mikrut (Apr 27)
- Re: Web Site Certification Adam Tuliper (Apr 28)
- Re: Web Site Certification Admin Dbtech (Apr 27)
- Re: Web Site Certification ROB DIXON (Apr 27)
- RE: Web Site Certification ROB DIXON (May 01)