Analyzing the Accuracy and Time Costs of Web Application Security Scanners

When reviewing scanners, most vendors provide and host website(s) which are intentionally vulnerable in various ways.
Web application security scanner vendors have seen a large number of vulnerabilities from varying web applications
through their research and through their work with their clients. Vendors will often add newly discovered vulnerabilities
to their test websites as they look to augment the capabilities of their scanner. As a result, these test applications represent
the sum total of thousands of hours of research and thousands of real-world scans and are a fairly good representation
of the types of vulnerabilities that exist in the wild. I became curious as to how well the scanners actually audit
these test applications, and how other vendors’ scanners would work against them.

Spotlight

Parameter Security

A global provider of ethical hacking and information security services, Parameter Security brings unmatched experience, incomparable expertise and peace of mind to clients worldwide. As a highly respected third-party independent assessor comprised of world-renowned ethical hackers, our clients cover all major industries including: financial, insurance, e-Commerce, manufacturing, retail, government, health care, education, transportation and more. As an InfoSec service provider, we provide an array of services including: vulnerability assessments, penetration testing, website security assessments, wireless network testing, web application testing, secure code reviews, compliance audits (PCI DSS, GLBA, NERC, HIPAA, etc.), social engineering, policy reviews, gap analysis, incident response, computer forensics and much more.

