A final draft of Web Application Security Scanner Evaluation Criteria (WASSEC) is available here, it is a set of guidelines to evaluate web application scanners on their ability to effectively test web applications and identify vulnerabilities. It covers areas such as crawling, parsing, session handling, testing, and reporting.
No comments:
Post a Comment