Comment Re:Snort's not dead... (Score 2, Informative)

I have to agree that Snort is not nearly dead. The team at Sourcefire is working to improve the capabilities of both the open source Snort and the commercial product. With the integration we have put together with NTOSpider (web application security scanner), where NTOSpider is able to generate custom Snort rules for web application vulnerabilities it discovers, this can make Snort a reasonable Web Application Firewall (when in block mode) for accomplishing virtual patches to completely custom web apps. As the Sourcefire team continues to push integration and the Snort rules format to other complementary technologies, I see an interesting level of advancement on the horizon.
Security

Web App Scanners Miss Half of Vulnerabilities

seek3r sends news of a recent test of six web application security scanning products, in which the scanners missed an average of 49% of the vulnerabilities known to be on the test sites. Here is a PDF of the report. The irony is that the test pitted each scanner against the public test files of all the scanners. This reader adds, "Is it any wonder that being PCI compliant is meaningless from a security point of view? You can perform a Web app scan, check the box on your PCI audit, and still have the security posture of Swiss cheese on your Web app!" "NTOSpider found over twice as many vulnerabilities as the average competitor having a 94% accuracy rating, with Hailstorm having the second best rating of 62%, but only after extensive training by an expert. Appscan had the second best 'Point and Shoot' rating of 55% and the rest averaged 39%."
News

Submission + - Avg Web App Scanner Misses 49% Of Vulnerabilities (ckers.org)

seek3r writes: Report: Most Web Application Scanners Missed Nearly Half Of Vulnerabilities

According to a recent test of six web application security scanning products, the scanners missed an average of 49% of the vulnerabilities known to be on the test sites.

"NTOSpider found over twice as many vulnerabilities as the average competitor having a 94% accuracy rating, with Hailstorm having the second best rating of 62%, but only after extensive training by an expert. Appscan had the second best 'Point and Shoot' rating of 55% and the rest averaged 39%."

Is it any wonder that being PCI compliant is meaningless from a security point of view? You can perform a web app scan, check the box on your PCI audit, and still have a security posture that is like Swiss cheese on your web app!
