[Dailydave] [Benchmark 2014] WAVSEP Vulnerability Scanner Benchmark 2013/2014
Shay Chen
sectooladdict.vendors at gmail.com
Wed Feb 12 02:59:24 EST 2014
The **2014** *WAVSEP* web application scanner benchmark has been published
-
And currently includes new products that were tested for the first time, as
well as returning vendors that were not tested for a while.
Covering a total **63** vulnerability scanners, including commercial
scanners, multiple SAAS engines and open source vendors, the research
compares the performance of the various tested scanners in the following
aspects:
(*) Prices vs. Features
(*) Automated Crawling (WIVET)
(*) Technology and Input Delivery Method Support
(*) Backup/Hidden File Detection Accuracy (*NEW!*)
(*) Unvalidated Redirect Detection Accuracy (*NEW!*)
(*) SQL Injection Detection Accuracy
(*) Cross Site Scripting Detection Accuracy
(*) Path Traversal / LFI Detection Accuracy
(*) (XSS/Phishing via) Remote File Inclusion
(*) Supported Vulnerability Detection Features (e.g. audit features)
(*) Authentication and Usability Features
(*) Coverage and Scan Barrier Support (AntiCSRF Tokens, CAPTCHA, etc)
(*) Etc
The benchmark **one page** result summary can be viewed through the
following link:
http://sectoolmarket.com/price-and-feature-comparison-of-web-application-scanners-unified-list.html
The full article, which includes analysis and conclusions, can be accessed
through the following link:
http://sectooladdict.blogspot.com/2014/02/wavsep-web-application-scanner.html
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.immunityinc.com/pipermail/dailydave/attachments/20140212/ac6a5c05/attachment.html>
More information about the Dailydave
mailing list