If I am not wrong, Larry Suto was part of NTO Spider Team. The following link is also interesting, although it doesn't refer to current paper, but helps in identifying author :P
http://ha.ckers.org/blog/20080102/larry-sutos-paper-drama/ On Tue, Mar 2, 2010 at 3:28 PM, Srikar Sagi <[email protected]> wrote: > it all boils down to value for money; how many features a tool has for the > same money how much it compares with other tool(s). > > Thanks & Regards, > > Srikar Sagi > 09342-8648-18/0917-66-176-99 > > > --- On *Tue, 2/3/10, Iyer, Anantharaman > <[email protected]>*wrote: > > > From: Iyer, Anantharaman <[email protected]> > Subject: Re: [Owasp-delhi] IBM AppSCAN & HP Webinspect comparison > To: "[email protected]" <[email protected]> > Date: Tuesday, 2 March, 2010, 10:48 AM > > > I feel every scanner has its pros & cons, so the only way to determine > the best for your needs are to test it against your applications before > making a final call. I have been reading reports and reviews by many authors > and no two reports point out a clear winner. > > > > I am attaching one more report published in Feb 2010 on web application > scanners comparison. > > > > Gautam, this report will give some reason to re-consider WebInspect and > consider NTOSpider ;-) > > > > Regards, > > > Anantharaman Iyer > > > > > > *From:* [email protected] [mailto: > [email protected]] *On Behalf Of *John, Arun (HP > Software-as-a-Service) > *Sent:* Monday, March 01, 2010 9:05 PM > *To:* Gautam Pagedar; Abir Banerjee > *Cc:* [email protected] > *Subject:* Re: [Owasp-delhi] IBM AppSCAN & HP Webinspect comparison > > > > So has HP/SpiDynamics with Assessment Management Platform. > > www.hp.com/go/securitysoftware for info on these tools. > > > > Regards > > John > > > > *From:* [email protected] [mailto: > [email protected]] *On Behalf Of *Gautam Pagedar > *Sent:* Monday, March 01, 2010 9:29 AM > *To:* Abir Banerjee > *Cc:* [email protected] > *Subject:* Re: [Owasp-delhi] IBM AppSCAN & HP Webinspect comparison > > > > It great to see the comparison. We are using AppScan for more than 5 years > now and I somehow feel that it does not give me full control to do > everything. > > > > Its of course a good tool for novice starting AppSec. We also use Cenzic > and it give me some extra features and maybe also a way to compare every > time I get into a engagement. > > > > FYI, AppScan has a Enterprise version and its a cool tool for a enterprise > wise deployment and getting AppSec testing into SDLC. > > > > Abir, > > > > Thanks for this report. It gives me a good reason to try WebInspect :-) > > > > thanks, > > Gautam > > ----- Original Message ----- > > *From:* Abir Banerjee <http://mc/[email protected]> > > *To:* > [email protected]<http://mc/[email protected]> > > *Cc:* > [email protected]<http://mc/[email protected]> > > *Sent:* Saturday, February 27, 2010 7:24 AM > > *Subject:* Re: [Owasp-delhi] IBM AppSCAN & HP Webinspect comparison > > > > Hello Manik, > > > > Webinspect is much better than Appscan since appscan shows up a lot of > false positives and the best web vulnerablity canner would be Acunetix WVS + > Acusensor. Please the comparision file attached. > > Regards, > > > > Abeer Banerjee > > +91 9987099708 > ------------------------------ > > *From:* Manik Gupta > <[email protected]<http://mc/[email protected]> > > > *To:* > [email protected]<http://mc/[email protected]> > *Sent:* Mon, 22 February, 2010 10:22:14 AM > *Subject:* [Owasp-delhi] IBM AppSCAN & HP Webinspect comparison > > Hi, > > > > Kindly let me know which tool is better for penetration testing among IBM > AppSCAN & HP Webinspect. > > > > > > Regards, > > Manik > > > > ------------------------------ > > Join SQAtester.com Community ---> > http://www.sqatester.com/testersarea/joinus.htm > > > ------------------------------ > > Your Mail works best with the New Yahoo Optimized IE8. Get it > NOW!<http://in.rd.yahoo.com/tagline_ie8_new/*http:/downloads.yahoo.com/in/internetexplorer/>. > > ------------------------------ > > _______________________________________________ > Owasp-delhi mailing list > [email protected] > https://lists.owasp.org/mailman/listinfo/owasp-delhi > > > > > > > This message contains information that may be privileged or confidential and > is the property of the Capgemini Group. It is > intended only for the person to whom it is addressed. If you are not the > intended recipient, you are not authorized to > read, print, retain, copy, disseminate, distribute, or use this message or > any part thereof. If you receive this message > in error, please notify the sender immediately and delete all copies of this > message. > > > -----Inline Attachment Follows----- > > > _______________________________________________ > Owasp-delhi mailing list > [email protected]<http://mc/[email protected]> > https://lists.owasp.org/mailman/listinfo/owasp-delhi > > > ------------------------------ > Your Mail works best with the New Yahoo Optimized IE8. Get it > NOW!<http://in.rd.yahoo.com/tagline_ie8_new/*http://downloads.yahoo.com/in/internetexplorer/> > . > > _______________________________________________ > Owasp-delhi mailing list > [email protected] > https://lists.owasp.org/mailman/listinfo/owasp-delhi > > -- Regards, Chintan Dave, LinkedIn Profile: http://www.linkedin.com/in/chintandave Blog:http://www.chintandave.com
_______________________________________________ Owasp-delhi mailing list [email protected] https://lists.owasp.org/mailman/listinfo/owasp-delhi
