tag:blogger.com,1999:blog-13756280.post8291420851510370283..comments2024-02-08T03:44:23.780-08:00Comments on Jeremiah Grossman: Rolling Reviews: Cenzic's HailstormJeremiah Grossmanhttp://www.blogger.com/profile/05017778127841311186noreply@blogger.comBlogger5125tag:blogger.com,1999:blog-13756280.post-55324560298598224572007-06-27T13:34:00.000-07:002007-06-27T13:34:00.000-07:00It's not a big deal. Thanks for the fix though.I ...It's not a big deal. Thanks for the fix though.<BR/><BR/>I wasn't exaggerating about <A HREF="http://www.google.com/search?q=site:networkcomputing.com+weins" REL="nofollow">NWC</A>. <BR/><BR/>Results 1 - 9 of 9 from networkcomputing.com for weins. (0.20 seconds)Jordanhttps://www.blogger.com/profile/08341608982649448622noreply@blogger.comtag:blogger.com,1999:blog-13756280.post-71834647638795450962007-06-25T08:24:00.000-07:002007-06-25T08:24:00.000-07:00@Jordan, oops sorry about that. I went back on cor...@Jordan, oops sorry about that. I went back on correct a couple of my posts. Damn, that copy/paste.Jeremiah Grossmanhttps://www.blogger.com/profile/05017778127841311186noreply@blogger.comtag:blogger.com,1999:blog-13756280.post-84496975803079655552007-06-24T11:04:00.000-07:002007-06-24T11:04:00.000-07:00Writing web applications scanners reviews is good ...Writing web applications scanners reviews is good thing which will be useful for Internet community. There are some such reviews already (which I found this and last year), but there is necessity of quality reviews. So I hope these reviews (Cenzic's Hailstorm, SPI Dynamics WebInspect and future reviews) will be useful.<BR/><BR/>About Cenzic software you can make resume (about scanner's quality) from my post. As I wrote at my site http://websecurity.com.ua/588/ in last year I found hole at Cenzic's site search (they are using picosearch.com). Holes at web site (web application) of security company is very demonstrative.<BR/><BR/>Three months later after I informed them, I found that they fixed hole but incompletely (and forgot to thanks me which is typical). The hole can be used via small code modification. And only today, two months later after that, I see that they fixed vuln completely at last. Everyone will can make conclusions from this incident.Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-13756280.post-49570019224903486602007-06-24T06:07:00.000-07:002007-06-24T06:07:00.000-07:00what is my commentwhat is my commentAnonymousnoreply@blogger.comtag:blogger.com,1999:blog-13756280.post-75428122167852317262007-06-23T07:20:00.000-07:002007-06-23T07:20:00.000-07:00Btw -- it's Wiens, though I see Weins with such fr...Btw -- it's <B>Wiens</B>, though I see Weins with such frequency that I've considered just changing my name to that instead of fighting it. In fact, I think the magazine still has it spelled wrong online in a few places. ;-)<BR/><BR/>Just as a heads up for anyone who is subscribed to NWC in print -- the 25th issue with this review is the last print issue of Network Computing. We'll be moving to all online, though some of our stories will be printed in some new sections of Information Week.<BR/><BR/>But the good news is these web app reviews will keep coming! I'm working on N-Stalker and Watchfire now, and if I ever get the last few sets of credentials over to White Hat, I might even be able to finish that article too!<BR/><BR/>Also, if anybody wants to send feedback or comments about the reviews, please drop me an email at jwiens-(at)-nwc-(dot)-com. When all the individual reviews are done there will be a final wrapup piece comparing all the different products and approaches, so get yet comments in soon!Jordanhttps://www.blogger.com/profile/08341608982649448622noreply@blogger.com