Monday, June 11, 2007
Rolling Reviews: SPI Dynamics WebInspect
Last month I blogged that Jordan Wiens of Network Computing would be conducting Rolling Reviews of Web Applications Scanners. First up is the review of SPI Dynamics's WebInspect product. As expected Jordan isn't making this cake walk for vendors. He knows his webappsec stuff and will dig deep into the results, especially around the Ajax claims. Ajax is a tough problem to solve and is likely unsolvable. Ajax is also unlikely to make web applications less secure, but definitely makes them harder to assess. Next up, Cenzic ARC (Application Risk Controller) .