How many people have used a commercial scanner to look for vulnerabilities in web applications? Lots of you, right.
And who thinks that the scanner they use is as good as it could possibly be?
Anyone? Anyone? Bueller?
I often talk to people about their experience with web scanning products, and these are the complaints I hear:
- They are too slow, and provide little feedback or control over what they are doing during scans.
- They try to perform checks that can't be reliably automated, resulting in too many false positives.
- Even with the core input-based bugs that should be their bread-and-butter, they miss too much low hanging fruit.
- Their issue reporting is often vague and generic, requiring a lot of manual work to confirm issues and produce write-ups that you can give to a customer.
- They are too expensive.
If you would like to see a web scanner that addresses some of these issues, then watch this space. If you would like to see one that addresses all of them, then experience a pleasurable quickening of the heart rate. And still watch this space.