Choosing the Best Web App Security Scanner
Who am I? • Chirita Ionel • Application Security Analyst @ • OWASP Chapter board member
What do we want from a scanner? • Wide coverage • Fast scans • Low number of false positives • Low number of false negatives • Scalability • Easy to use • Permanent vulnerability database updates • To be cheap!?
WAS (web application scanner) evaluation criteria • Hardware requirements & support • Protocol support • Authentication • Session management • Crawling • Data parsing • Testing • Command and control • Reporting
Hardware requirements & support • Thick client vs cloud
Protocol support • Transport support: HTTP 1.0 & HTTP 1.1; SSL/TLS; HTTP keep-alive; HTTP compression; HTTP user-agent configuration • Proxy support: HTTP 1.0 & HTTP 1.1 proxy; SOCKS 4 proxy; SOCKS 5 proxy; PAC file support
Authentication • Basic • Digest • HTTP Negotiate (NTLM & Kerberos) • HTML form-based: automated, scripted, non-automated • Single sign-on • Client SSL certificates • Other
Session management • Session management capabilities • Start a new session • Detect if the session is expired • Reacquire session token • Session management token type support • HTTP cookies • HTTP parameters • HTTP URL path • Session token detection • Session token refresh policy
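The two slides above (form-based authentication and session management) describe a scanner behaviour that is easy to state and easy to get wrong: log in through the application's own form, notice when the server silently drops the session in the middle of a scan, and re-acquire the token without losing the request that failed. The following is an added example and not code from the deck; the target it talks to is a constructed in-memory stand-in for an HTTP server (the `/login` path, the `user`/`pass` field names, the `SID` cookie and the "expires after N requests" rule are all assumptions made so the example runs offline).

```python
from dataclasses import dataclass, field
import re
import secrets


@dataclass
class Response:
    status: int
    body: str = ""
    headers: dict = field(default_factory=dict)


class FakeSite:
    """Constructed stand-in for the target. Assumptions: a POST form login at
    /login that sets an 'SID' cookie; the session dies after `expire_after`
    authenticated requests; protected pages then redirect back to /login."""

    def __init__(self, expire_after: int = 3):
        self.expire_after = expire_after
        self.sessions = {}      # sid -> remaining request budget
        self.logins = 0         # how many times the scanner had to log in

    def request(self, method, path, data=None, cookies=None):
        cookies = cookies or {}
        if path == "/login":
            if method == "POST" and data == {"user": "scanner", "pass": "s3cret"}:
                sid = secrets.token_hex(8)
                self.sessions[sid] = self.expire_after
                self.logins += 1
                return Response(302, headers={"Location": "/",
                                              "Set-Cookie": f"SID={sid}; Path=/; HttpOnly"})
            return Response(200, '<form action="/login" method="post">'
                                 '<input name="user"><input name="pass" type="password"></form>')
        sid = cookies.get("SID")
        if sid not in self.sessions or self.sessions[sid] <= 0:
            self.sessions.pop(sid, None)
            return Response(302, headers={"Location": "/login"})
        self.sessions[sid] -= 1
        return Response(200, f"<h1>{path}</h1><p>logged in</p>")


class SessionManager:
    """Start a session, detect that it expired, reacquire the token, retry."""
    LOGIN_PATH = "/login"                              # assumption
    CREDS = {"user": "scanner", "pass": "s3cret"}      # assumption

    def __init__(self, site):
        self.site = site
        self.cookies = {}
        self.reacquisitions = 0

    @staticmethod
    def parse_set_cookie(header: str):
        # Only the name=value pair matters here; attributes after ';' are ignored.
        name, _, value = header.split(";", 1)[0].partition("=")
        return name.strip(), value.strip()

    def start_session(self):
        r = self.site.request("POST", self.LOGIN_PATH, data=self.CREDS)
        if r.status != 302 or "Set-Cookie" not in r.headers:
            raise RuntimeError("login failed")
        name, value = self.parse_set_cookie(r.headers["Set-Cookie"])
        self.cookies = {name: value}

    def session_expired(self, r: Response) -> bool:
        # Two independent signals: a redirect to the login page, or a login
        # form (password field) served where content was expected.
        loc = r.headers.get("Location", "")
        if r.status in (301, 302, 303, 307, 308) and loc.startswith(self.LOGIN_PATH):
            return True
        return re.search(r'<input[^>]+type="password"', r.body) is not None

    def get(self, path: str, max_reacquire: int = 1) -> Response:
        for attempt in range(max_reacquire + 1):
            r = self.site.request("GET", path, cookies=self.cookies)
            if not self.session_expired(r):
                return r
            if attempt == max_reacquire:
                break
            self.reacquisitions += 1
            self.start_session()
        raise RuntimeError(f"session could not be re-established for {path}")


def scan_paths(paths, expire_after=3):
    """Fetch every path once, re-logging in whenever the session lapses."""
    site = FakeSite(expire_after)
    sm = SessionManager(site)
    sm.start_session()
    statuses = [sm.get(p).status for p in paths]
    return {"statuses": statuses, "logins": site.logins,
            "reacquisitions": sm.reacquisitions}


if __name__ == "__main__":
    print(scan_paths([f"/page{i}" for i in range(7)]))
```

The point to check when evaluating a real product is the `session_expired` step: a scanner that only watches for HTTP 401/403 will happily record a login page as the content of every protected URL once the session lapses, which shows up as wide "coverage" and a pile of false negatives. Bounding the number of re-logins per request (`max_reacquire`) also matters, or an account lockout turns into an infinite login loop.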
Crawling • Define starting URL • Define additional hostnames or exclusions for specific criteria • Support automated form submission • Detect error pages and custom 404 pages • Redirect support
Data parsing • HTML • JavaScript • VBScript • XML • Plaintext • ActiveX Objects • Flash
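The crawling and data parsing slides above list requirements without saying how a scanner meets them. The following added example (not the deck's code) shows the parts that most often separate a good crawler from a bad one: a scope check with host restriction and path exclusions (so a crawl does not follow the logout link and kill its own session), redirect following with the target re-checked against scope, HTML link extraction, and custom-404 detection by fingerprinting a deliberately non-existent path. The site it crawls is a constructed in-memory stand-in (`app.test`, its pages and its "HTTP 200 not-found page" behaviour are assumptions) so the code runs offline.

```python
from difflib import SequenceMatcher
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse
import re
import secrets

# Constructed target. Every unknown path answers HTTP 200 with a branded
# "not found" page, so status codes alone cannot tell real pages from 404s.
PAGES = {
    "http://app.test/": '<a href="/about">About</a> <a href="/old">Old</a> '
                        '<a href="/logout">Logout</a> <a href="/missing">?</a> '
                        '<a href="http://cdn.test/lib.js">cdn</a>',
    "http://app.test/about": "<p>About us</p> <a href='/'>home</a>",
    "http://app.test/new": "<p>Moved here</p>",
}
REDIRECTS = {"http://app.test/old": "http://app.test/new"}


def fetch(url, max_redirects=5):
    """Stand-in for an HTTP GET that follows redirects. Returns (status, final_url, body)."""
    for _ in range(max_redirects + 1):
        if url in REDIRECTS:
            url = REDIRECTS[url]
            continue
        if url in PAGES:
            return 200, url, PAGES[url]
        path = urlparse(url).path
        return 200, url, (f"<h1>Oops</h1><p>The page {path} was not found</p>"
                          "<a href='/'>home</a>")
    raise RuntimeError(f"redirect loop at {url}")


class LinkParser(HTMLParser):
    """Minimal data parsing: collect href values from <a> tags."""
    def __init__(self):
        super().__init__()
        self.links = []

    def handle_starttag(self, tag, attrs):
        href = dict(attrs).get("href") if tag == "a" else None
        if href:
            self.links.append(href)


def in_scope(url, scope_host, exclusions):
    """Starting host only, plus regex exclusions on the path (e.g. logout links)."""
    p = urlparse(url)
    if p.scheme not in ("http", "https") or p.netloc != scope_host:
        return False
    return not any(re.search(pat, p.path) for pat in exclusions)


def normalise(body, path):
    # Drop the requested path (custom 404 pages usually echo it) and collapse whitespace.
    return re.sub(r"\s+", " ", body.replace(path, "")).strip()


def soft404_fingerprint(base_url):
    """Request a path that cannot exist and keep the answer as the not-found template."""
    probe = urljoin(base_url, "/" + secrets.token_hex(12))
    status, _, body = fetch(probe)
    return status, normalise(body, urlparse(probe).path)


def looks_like_soft404(fingerprint, status, body, path, threshold=0.9):
    fp_status, fp_body = fingerprint
    if status != fp_status:
        return False
    return SequenceMatcher(None, fp_body, normalise(body, path)).ratio() >= threshold


def crawl(start, exclusions=(r"^/logout",), max_pages=50):
    host = urlparse(start).netloc
    fingerprint = soft404_fingerprint(start)
    queue, seen, pages, soft404 = [start], set(), [], []
    while queue and len(seen) < max_pages:
        url = queue.pop(0)
        if url in seen or not in_scope(url, host, exclusions):
            continue
        seen.add(url)
        status, final_url, body = fetch(url)
        if final_url != url:
            # A redirect target is a new URL: re-check scope and de-duplicate it.
            if final_url in seen or not in_scope(final_url, host, exclusions):
                continue
            seen.add(final_url)
        if looks_like_soft404(fingerprint, status, body, urlparse(final_url).path):
            soft404.append(url)
            continue
        pages.append(final_url)
        parser = LinkParser()
        parser.feed(body)
        queue.extend(urljoin(final_url, h) for h in parser.links)
    return {"pages": pages, "soft404": soft404}


if __name__ == "__main__":
    print(crawl("http://app.test/"))
```

When comparing products, feed each one a site whose 404 handler returns HTTP 200 and see whether the crawler reports the error page as a real page (and then "tests" it hundreds of times); that single behaviour inflates scan time and the false-positive count more than most other crawler defects.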
Command and control • Schedule scans • Pause / resume • Real-time status of running scans • Run multiple scans simultaneously • GUI, CLI and web based interface • Extensibility & interoperability
Reporting • Executive summary • Technical detailed report • Delta reports • Compliance report • Customization • Report data file format
So you should just use the best scanner, right? • What do you mean by “best”? • Or the cheapest?
What about … • … running each vendor's scanner against each vendor's test site and comparing the results
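Comparing results across scanners, or across two scans of the same site for the delta reports mentioned on the reporting slide, only works if findings are first reduced to a canonical identity; otherwise the same SQL injection reported at `/users/42` by one tool and `/users/7?jsessionid=…` by another counts as two issues, and the false-positive and false-negative numbers from the "what do we want" slide are meaningless. The following is an added example, not code from the deck, covering both uses: a normalisation key, a delta between two scans, and precision/recall of one scanner against a test site's known vulnerabilities. The finding records, the `test.site` URLs and the list of volatile parameter names are constructed assumptions.

```python
from dataclasses import dataclass
from typing import Optional
from urllib.parse import parse_qsl, urlparse
import re

# Assumption: parameter names that carry session or cache-busting values and
# must not distinguish two findings.
VOLATILE_PARAMS = {"jsessionid", "phpsessid", "sid", "_", "ts"}


@dataclass(frozen=True)
class Finding:
    vuln: str               # vulnerability class, e.g. "xss"
    url: str                # URL the scanner reported
    param: Optional[str]    # injected parameter, if any

    def key(self):
        """Canonical identity: vuln class, host, path with numeric segments
        generalised, sorted parameter names (values and volatile names dropped),
        and the injected parameter."""
        p = urlparse(self.url)
        path = re.sub(r"/\d+(?=/|$)", "/{id}", p.path.rstrip("/") or "/")
        names = sorted(k.lower() for k, _ in parse_qsl(p.query, keep_blank_values=True)
                       if k.lower() not in VOLATILE_PARAMS)
        return (self.vuln.lower(), p.netloc.lower(), path, tuple(names),
                (self.param or "").lower())


def delta(previous, current):
    """Delta report between two scans of the same target."""
    prev = {f.key(): f for f in previous}
    cur = {f.key(): f for f in current}
    return {
        "new": sorted((cur[k] for k in cur.keys() - prev.keys()), key=Finding.key),
        "fixed": sorted((prev[k] for k in prev.keys() - cur.keys()), key=Finding.key),
        "persisting": sorted((cur[k] for k in cur.keys() & prev.keys()), key=Finding.key),
    }


def score(findings, ground_truth):
    """True/false positives and false negatives of one scanner against a test
    site whose vulnerabilities are known, plus precision and recall."""
    reported = {f.key() for f in findings}
    known = {f.key() for f in ground_truth}
    tp, fp, fn = len(reported & known), len(reported - known), len(known - reported)
    return {
        "tp": tp, "fp": fp, "fn": fn,
        "precision": tp / (tp + fp) if tp + fp else 0.0,
        "recall": tp / (tp + fn) if tp + fn else 0.0,
    }


# Constructed data: a test site's known issues and two scans of it.
KNOWN = [
    Finding("xss", "http://test.site/search?q=", "q"),
    Finding("sqli", "http://test.site/users/1?sort=name", "sort"),
    Finding("lfi", "http://test.site/download?file=", "file"),
]
SCAN_A = [                                        # earlier scan
    Finding("XSS", "http://test.site/search?q=<script>&sid=abc", "q"),
    Finding("sqli", "http://test.site/users/42?sort=name%27", "sort"),
    Finding("xss", "http://test.site/about", None),         # a false positive
]
SCAN_B = [                                        # later scan, after a fix
    Finding("sqli", "http://test.site/users/7?sort=id", "sort"),
    Finding("lfi", "http://test.site/download?file=../../etc/passwd", "file"),
]

if __name__ == "__main__":
    print(score(SCAN_A, KNOWN))
    print({k: [f.vuln for f in v] for k, v in delta(SCAN_A, SCAN_B).items()})
```

Two caveats when running this against vendor test sites: the ground-truth list has to come from the site's documentation, not from whichever scanner was used to build it, and the numeric-segment generalisation in `key()` is a deliberate trade-off (it merges `/users/1` and `/users/42`, which is right for a single handler and wrong for a site where those are genuinely different pages), so state the rule in the report alongside the numbers.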
Case Study • By Chirita Ionel