WebApp Sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Web Application Scanners Comparison

From: anantasec <anantasec () googlemail com>
Date: Wed, 28 Jan 2009 06:06:17 +0200
I'm glad I could help.
Yes, this is also my opinion: A tool is only as better as the person using it.
The results from these scanners should be reviewed by a knowledgeable human.
These tools are designed to help (not replace) a human.

It makes me smile when I read on some vendor website: Our tool
"Assures PCI Compliance including 6.6". An automated tool would never
do that.

On 1/28/09, Dotzero <dotzero () gmail com> wrote:

anantasec,

I just did a quick read of your report. Thanks for making it
available. I think the main take away for me is that it reconfirms
that they are just tools and depending on the operator (experience)
mileage may vary.




-- 
http://anantasec.blogspot.com

-------------------------------------------------------------------------
Sponsored by: Watchfire 
Methodologies & Tools for Web Application Security Assessment 
With the rapid rise in the number and types of security threats, web application security assessments should be 
considered a crucial phase in the development of any web application. What methodology should be followed? What tools 
can accelerate the assessment process? Download this Whitepaper today! 

https://www.watchfire.com/securearea/whitepapers.aspx?id=70170000000940F
-------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: