Looking for application vulnerability scanner
Application security, Automated, configuration, Database, Development, Encryption, Exchange, Instant Messaging, patching, PEN testing, Platform Security, Secure Coding, Software testing, Software testing tools, vulnerability management, Web
My group is considering implementing an application vulnerability scanner to look for security holes in our Web sites. Can you recommend some products? Thanks
Software/Hardware used:
Software/Hardware used:
ASKED:
April 20, 2006 2:59 PM
UPDATED:
November 13, 2009 3:27 AM
Answer Wiki:
Application Security; Watchfire; Spidynamics are a few. See also searchappsecurity.com!
To see all answers submitted to the Answer Wiki: View Answer History.
If you have a linux/unix box (or care to install one) you can as well try Nessus. Unfortunately, its server component is not ported to Windows.
BR,
Petko
Definitely check out SearchAppSecurity.com. We have articles and product reviews — and links to those types of stories on other Web sites. Here are a couple:
Product review: SPI Dynamics WebInspect 5.8
http://searchappsecurity.techtarget.com/newsItem/0,289139,sid92_gci1173075,00.html
Cenzic Hailstorm case study: Boston College takes preemptive approach to Web application attacks
http://searchappsecurity.techtarget.com/originalContent/0,289142,sid92_gci1183112,00.html
– Michelle Davidson, editor, SearchAppSecurity.com
Windows web sec article on
ALSO ON SEARCHWINDOWSSECURITY.COM
STEP-BY-STEP GUIDE: Securing Web servers
http://searchwindowssecurity.techtarget.com/generic/0,295582,sid45_gci1179797,00.html?track=NL-480&ad=549960
A couple of good suggestions, but some I am not familiar with.
I would look at SecureWorks…They have a great deal of application experience.
Thank you for all the suggestions. They’ve been helpful.
You can use Appscan, Wikto and Appdetective (for databse of web applications)
i can suggest you a good web application scanner: MatriXay 3.0.
Its website is:
http://www.dbappsecurity.com