Via the SPI Dynamics blog, I saw that Ory Segal of IBM/Watchfire released an analysis of Larry Suto’s scanner comparison. If you recall, Jeff Forristal of SPI released his own a few weeks back. I will let you compare and make up your mind, but I will note that both are much more open and [...]
Web Application Scanning Test – Rebuttal
Recently, in October 2007, Larry Suto released a case study analyzing several web application scanners. Upon reading it, I disregarded the findings as there was little to no information revealed around application and scanner configuration.
I complained that I could not trust the results because the configurations were not provided. I was surprised to speak [...]
Application Security Testing
Currently there are several offerings in the market for application security testing. There are black box, white box, grey, and finally binary analysis.
Black Box Testing
Like all things in life, black box testing has its ups and downs. Through this testing method, the tester focuses on portions of the application which the user [...]



