RE: Vuln Scanner for Web App Source Code



Veracode is way better than AppScan & WebInspect in my findings. They
do static binary analysis. And AppScan & WebInspect have way too many
false positives you have to deal with.

-n


-----Original Message-----
From: listbounce@xxxxxxxxxxxxxxxxx [mailto:listbounce@xxxxxxxxxxxxxxxxx]
On Behalf Of Kevin Reiter
Sent: Wednesday, May 21, 2008 2:30 PM
To: pen-test@xxxxxxxxxxxxxxxxx
Subject: RE: Vuln Scanner for Web App Source Code

Veracode - http://www.veracode.com

-----Original Message-----
From: listbounce@xxxxxxxxxxxxxxxxx
[mailto:listbounce@xxxxxxxxxxxxxxxxx]On Behalf Of cnanne@xxxxxxxxx
Sent: Sunday, May 18, 2008 12:16 AM
To: pen-test@xxxxxxxxxxxxxxxxx
Subject: Vuln Scanner for Web App Source Code


This might be a bit of a dumb question, but does anyone know of a good
Vulnerability Scanner for finding faults in the actual Source Code of
the Web App? Or can this task only be done by hand?


Any feedback on this is highly appreciated



cheers,


PhoenixRbrth




------------------------------------------------------------------------
This list is sponsored by: Cenzic

Top 5 Common Mistakes
in Securing Web Applications
Find out now! Get Webinar Recording and PPT Slides

www.cenzic.com/landing/securityfocus/hackinar
------------------------------------------------------------------------

