By: MJ
To help developers track down and find potential security holes, there are a host of tools available called Web application vulnerability scanners. Their aim is to automate and speed up a process that, when performed manually, is a long and painstaking one. By crawling through a Web site and injecting various attack scenarios, scanners compare an application’s responses against a database of security vulnerability signatures.
Despite their usefulness, Web application vulnerability scanners have not become a must-have for every development team, largely because of cost. Yet there are several good open source scanners available for free. In this tip, we’ll examine a few other reasons for the holdup in Web application vulnerability scanner adoption.