|
Message-ID: <CAJvxAA3oJA660cmHRw8vKLGD_W3RTys7h0rPVhqmQhAH65xNLg@mail.gmail.com> Date: Wed, 12 Feb 2014 10:00:37 +0200 From: Shay Chen <sectooladdict.vendors@...il.com> To: oss-security@...ts.openwall.com Subject: [Benchmark 2014] WAVSEP Vulnerability Scanner Benchmark 2013/2014 The **2014** *WAVSEP* web application scanner benchmark has been published - And currently includes new products that were tested for the first time, as well as returning vendors that were not tested for a while. Covering a total **63** vulnerability scanners, including commercial scanners, multiple SAAS engines and open source vendors, the research compares the performance of the various tested scanners in the following aspects: (*) Prices vs. Features (*) Automated Crawling (WIVET) (*) Technology and Input Delivery Method Support (*) Backup/Hidden File Detection Accuracy (*NEW!*) (*) Unvalidated Redirect Detection Accuracy (*NEW!*) (*) SQL Injection Detection Accuracy (*) Cross Site Scripting Detection Accuracy (*) Path Traversal / LFI Detection Accuracy (*) (XSS/Phishing via) Remote File Inclusion (*) Supported Vulnerability Detection Features (e.g. audit features) (*) Authentication and Usability Features (*) Coverage and Scan Barrier Support (AntiCSRF Tokens, CAPTCHA, etc) (*) Etc The benchmark **one page** result summary can be viewed through the following link: http://sectoolmarket.com/price-and-feature-comparison-of-web-application-scanners-unified-list.html The full article, which includes analysis and conclusions, can be accessed through the following link: http://sectooladdict.blogspot.com/2014/02/wavsep-web-application-scanner.html
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.