Web Application Security: Automated Scanning versus Manual Penetration Testing

Web Application Security: Automated Scanning versus Manual Penetration Testing

Cover
Research has shown that a vast number of Web sites are vulnerable to Web application attacks and that a great percentage of these attacks occur over the HTTP/S protocols, ports that are often exposed to the entire online community. With these facts in mind, it's essential for organizations to take serious measures to help secure their Web applications. As Web applications become increasingly complex, tremendous amounts of sensitive data--including personal, medical and financial information--are exchanged and stored. Consumers expect and even demand that this information be kept secure. This paper explains the two primary methods for discovering Web application vulnerabilities: using manual penetration testing and code review or using automated scanning tools and static analysis.

Author

Danny Allan Strategic Research Analyst, IBM Software Group
Vendor:
Logicalis
Posted:
11 Dec 2008
Published:
11 Dec 2008
Format:
PDF
Length:
8 Page(s)
Type:
White Paper
Language:
English
Already a Bitpipe member? Login here

Download this White Paper!

By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.