Armorize has a Static Code Security Vulnerability Scanner (SCSVS) which checks vulnerabilities at the source code level. AppScan, Webinspect and Acunetix are Web Application Security Vulnerability Scanners (WASVS) which check for runtime vulnerabilities of web applications.
Regards Parthajit -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of [email protected] Sent: Tuesday, March 02, 2010 4:36 PM To: [email protected]; [email protected]; AnantharamanIyer Subject: Re: [Owasp-delhi] IBM AppSCAN & HP Webinspect comparison "Accuracy", IMHO, matters a lot more than the "number of features". You don't want a tool to give you nicely formatted info with a bunch of false positives. These scanners are anyways fairly costly. Talking about commercial tools, I am told Armorize a smart set of tools. On the open source front, w3af is definitely worth a look. -Bipin Upadhyay. >>Sent from my pwnedBerry(r) -----Original Message----- From: Srikar Sagi <[email protected]> Date: Tue, 2 Mar 2010 15:28:52 To: [email protected]<[email protected]>; AnantharamanIyer<[email protected]> Subject: Re: [Owasp-delhi] IBM AppSCAN & HP Webinspect comparison _______________________________________________ Owasp-delhi mailing list [email protected] https://lists.owasp.org/mailman/listinfo/owasp-delhi _______________________________________________ Owasp-delhi mailing list [email protected] https://lists.owasp.org/mailman/listinfo/owasp-delhi This e-mail contains information which is confidential and/or legally privileged. If you are not the intended recipient , you are hereby notified that any disclosure, copying, distribution or the taking of any action in reliance on the contents of this e-mail is strictly prohibited. If you have received this e-mail in error, please destroy it and notify us by reply e-mail or by telephone. Internet E-mail messages may be subject to delays, non-delivery and unauthorised alterations and we shall not be responsible for the consequence(s) in such event(s). All reasonable precautions have been taken to ensure no viruses are present in this E-mail. We cannot accept responsibility for loss or damage arising from the use of this E-mail or attachments and recommend that you subject these to your virus checking procedures prior to use. _______________________________________________ Owasp-delhi mailing list [email protected] https://lists.owasp.org/mailman/listinfo/owasp-delhi
