WebApp Sec mailing list archives
Re: OS XSS and SQL scanner
From: Devdas Bhagat <devdas () dvb homelinux org>
Date: Wed, 2 Aug 2006 16:53:32 +0530
On 01/08/06 13:35 -0500, Arian J. Evans wrote:
-----Original Message----- From: Mandeep Khera [mailto:mandeep () cenzic com] I am sorry to hear that you perceive some problems with our product. We take pride in being the most accurate product with least amount of false positives in the industry. This has been proven in many bake-offs by customers and independent journalists.Hate to take this a little off topic, but do you have any facts that can support or back up these claims? Any data produced by anyone competent that speaks to your "false positives" and also your "false negatives"?
(S)he said that they had the least amount of false positives. If everyone else had 100000 FPs, while they had 99999 FPs, that is the least number of FPs too. That doesn't mean that the product is useful in any way. Devdas Bhagat ------------------------------------------------------------------------- Sponsored by: Watchfire Do you test web applications for XSS, SQL Injections, Buffer Overflows, Logical issues and other web application security threats? Why not automate this work with Watchfire's AppScan, the world's leading automated web application scanner. Download AppScan today! https://www.watchfire.com/securearea/appscancamp.aspx?id=701300000008BP9 --------------------------------------------------------------------------
Current thread:
- OS XSS and SQL scanner Cherian Thomas (Jul 31)
- Re: OS XSS and SQL scanner Dean H. Saxe (Jul 31)
- <Possible follow-ups>
- RE: OS XSS and SQL scanner Mandeep Khera (Jul 31)
- RE: OS XSS and SQL scanner Arian J. Evans (Aug 01)
- Re: OS XSS and SQL scanner Dean H. Saxe (Aug 02)
- Re: OS XSS and SQL scanner Rory McCune (Aug 02)
- Message not available
- Re: OS XSS and SQL scanner Dean H. Saxe (Aug 02)
- RE: OS XSS and SQL scanner Arian J. Evans (Aug 01)
- Re: OS XSS and SQL scanner Eoin (Aug 02)
- Re: OS XSS and SQL scanner Rogan Dawes (Aug 02)
- Re: OS XSS and SQL scanner Devdas Bhagat (Aug 02)
- RE: OS XSS and SQL scanner Burke, Charles (Aug 02)