Saturday, May 30, 2009

Web Application Security Scanner Evaluation Criteria

A final draft of Web Application Security Scanner Evaluation Criteria (WASSEC) is available here, it is a set of guidelines to evaluate web application scanners on their ability to effectively test web applications and identify vulnerabilities. It covers areas such as crawling, parsing, session handling, testing, and reporting.

No comments: