homepage
Open menu

Testing Web Application Security Scanners against a Web 2.0 Vulnerable Web Application

Web application security scanners are used to perform proactive security testing of web applications. Their effectiveness is far from certain, and few studies have tested them against modern 'Web 2.0' technologies which present significant challenges to scanners. In this study three web...
By
Edmund Foster
October 11, 2018
Download

All papers are copyrighted. No re-posting of papers is permitted

470x382_Generic_Whitepaper.jpg

Related Content

Blog
DevSecOops_Thumbnail_FINAL.png
DevSecOps
What is DevSecOps
Part one of a four-part blog series about what’s needed to shake, shimmy, and shift left
Profile_Picture.jpeg
Stacy Dunn
read more
Blog
DevSecOps
Demystifying Cross-Site Request Forgery
Continuously ranked in the OWASP Top Ten, a large majority of the development community still doesn't understand Cross-Site Request Forgery (CSRF). After years of penetration tests and code reviews, my experiences show that a high percentage of applications, especially new applications, do not have...
SANS_social_88x82.jpg
SANS Institute
read more
Blog
DevSecOps
Password Storage Mistakes
Steve Kosten is an instructor with the SANS Institute for DEV541: Secure Coding in Java/JEE. Password Storage Mistakes I was visiting a web site recently that I haven't visited in many, many years. I tried a few old passwords I used to use before I started using a password storage system, but no...
SANS_social_88x82.jpg
SANS Institute
read more