lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <CAJvxAA3Z2-8DMgcrS8LmGjYF=-s_BZ12EMYPyeH=Ap2krAXNNQ@mail.gmail.com>
Date: Wed, 12 Feb 2014 09:58:29 +0200
From: Shay Chen <sectooladdict.vendors@...il.com>
To: full-disclosure@...ts.grok.org.uk
Subject: [Benchmark 2014] WAVSEP Vulnerability Scanner
	Benchmark 2013/2014

The **2014** *WAVSEP* web application scanner benchmark has been published
-

And currently includes new products that were tested for the first time, as
well as returning vendors that were not tested for a while.


Covering a total **63** vulnerability scanners, including commercial
scanners, multiple SAAS engines and open source vendors, the research
compares the performance of the various tested scanners in the following
aspects:


(*) Prices vs. Features

(*) Automated Crawling (WIVET)

(*) Technology and Input Delivery Method Support

(*) Backup/Hidden File Detection Accuracy (*NEW!*)

(*) Unvalidated Redirect Detection Accuracy (*NEW!*)

(*) SQL Injection Detection Accuracy

(*) Cross Site Scripting Detection Accuracy

(*) Path Traversal / LFI Detection Accuracy

(*) (XSS/Phishing via) Remote File Inclusion

(*) Supported Vulnerability Detection Features (e.g. audit features)

(*) Authentication and Usability Features

(*) Coverage and Scan Barrier Support (AntiCSRF Tokens, CAPTCHA, etc)

(*) Etc



The benchmark **one page** result summary can be viewed through the
following link:

http://sectoolmarket.com/price-and-feature-comparison-of-web-application-scanners-unified-list.html

The full article, which includes analysis and conclusions, can be accessed
through the following link:
http://sectooladdict.blogspot.com/2014/02/wavsep-web-application-scanner.html

Content of type "text/html" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ