WebApp Sec mailing list archives

Re: Top webappsec testing vendors?

From: Bill Stout <billbrietstout () yahoo com>
Date: Wed, 9 Apr 2008 12:14:51 -0700 (PDT)

Hello All,
Thank you for your responses.  This is the list I have compiled so far, my apologies if I have missed a response.
Aspect Security  http://www.aspectsecurity.com/ 
ApplicCure  http://www.applicure.com/ 
Compass Security (Swiss)  http://www.csnc.ch/en/ 
Cybertrust (Verizon) http://www.cybertrust.com/ 
Deloitte & Touche http://www.deloitte.com 
Depth Security  http://www.depthsecurity.com/ 
Ernst & Young  http://www.ey.com/ 
Fortrex Technologies  http:/www.fortrex.com 
Foundstone  http://www.foundstone.com/us/index.asp 
GNU Citizen  http://gnucitizen.com/ 
Gotham Digital Science  http://www.gdssecurity.com/ 
IOActive http://www.ioactive.com/ 
ISEC Auditors (Spain)  http://www.isecauditors.com/eng/index.html 
Korelogic http://www.korelogic.com/ 
Matasano  http://www.matasano.com/log/mtso/ 
Neohapsis http://www.neohapsis.com/ 
NGS Software  http://www.ngssoftware.com/ 
NTObjectives  http://www.ntobjectives.com/ 
SecuRisk Solutions  http://www.securisksolutions.com/ 
Spidynamics (HP) https://h10078.www1.hp.com/cda/hpms/display/main/hpms_content.jsp?zn=bto&cp=1-11-201_4000_100__ 
Whitehat Security  http://www.whitehatsec.com/home/index.html 
Zion Security (Belgium)  http://www.zionsecurity.com/ 
I haven't rank them and I believe it would be difficult to do so.  Aspect has been recommended a few times, NGS 
Software is owned by David Litchfield who I've known since the mid-90's.  Each vendor probably employs a well-respected 
webapp pentester, and I'm sure each engagement will have a different experience.
I believe a pentester is an important addition to a security toolkit.
Bill Stout

-------------------------------------------------------------------------
Sponsored by: Watchfire
Methodologies & Tools for Web Application Security Assessment
With the rapid rise in the number and types of security threats, web application security assessments should be 
considered a crucial phase in the development of any web application. What methodology should be followed? What tools 
can accelerate the assessment process? Download this Whitepaper today!

https://www.watchfire.com/securearea/whitepapers.aspx?id=70170000000940F
-------------------------------------------------------------------------

Current thread:

Re: Top webappsec testing vendors? WebAppSec Mailbox (Apr 09)
- Re: Top webappsec testing vendors? Jamie Riden (Apr 09)
  - Administrivia: Webappsec Vendor Directory Andrew van der Stock (Apr 09)
    - Re: Administrivia: Webappsec Vendor Directory bugtraq (Apr 10)
- <Possible follow-ups>
- Re: Top webappsec testing vendors? Bill Stout (Apr 09)