Watchfire (AppScan) was great until IBM bought them (the Symantec syndrome...). WebInspect was great until HP bought them (HP just sucks all around). It's a tough market for management friendly report generating Web app scanners.
NIST keeps a nice list:
http://samate.nist.gov/index.php/Web_Application_Vulnerability_Scanners.
html
I tested Hailstorm once, it didn't perform as well as I hoped for the asking price. Good luck!
Randy
>I need a new web app scanner with features similar to Acunetix for
>around the same price.
>
>We've been using Acunetix for a few years, but they won't return my
>calls (is 3 enough?) to renew, so I'm moving on.
>
>I'm not experienced enough to do my own assessment by hand.
>
>I can't afford web app services like White Hat.
>
>Any help would be appreciated.
>
>
NIST keeps a nice list:
http://samate.nist.gov/index.php/Web_Application_Vulnerability_Scanners.
html
I tested Hailstorm once, it didn't perform as well as I hoped for the asking price. Good luck!
Randy
>I need a new web app scanner with features similar to Acunetix for
>around the same price.
>
>We've been using Acunetix for a few years, but they won't return my
>calls (is 3 enough?) to renew, so I'm moving on.
>
>I'm not experienced enough to do my own assessment by hand.
>
>I can't afford web app services like White Hat.
>
>Any help would be appreciated.
>
>
[ reply ]