Websecurify

Regular updates about Websecurify free and premium website scanners, proxies, fuzzers and insight knowledge about SQL Injection, Cross-site Scripting and other vulnerabilities

About Automated Vulnerability Discovery Changes

We are about to deploy a major improvement of our automatic web security testing technology. This improvement makes the Scanner, from the online Suite, more complete and the Foundation much faster.

So what are these improvements? Well, it boils down to how we craw your applications. Up until this point both Foundation and Scanner were using the same strategy and that is to spider the pages and try a few mutations when generating the requests. With the new changes in place, the Foundation tool will only do spidering making it a lot quicker without huge sacrifice in terms of vulnerability coverage. The Scanner, on the other hand will become a lot more complete performing not only spidering but also a dozen of mutation techniques for full coverage.

But wait! You may be thinking that the Scanner will become slower. While, the amounts of requests the Scanner generates may increase, we have added several small improvements that will make the overall performance better and reduce the runtime. The overall effect of these changes should be a visibly improved experience.

We have scheduled more work in this area aiming to make our testing technology the most performant. It is nearly there and we are way ahead to make our mid-term goals reality.

Stay tuned.

pdp

Petko D. Petkov (pdp), is founder of Websecurify and frontman of the GNUCITIZEN Information Security Think Tank. pdp is a recognized information security researcher, security tools developer, penetration tester, frequent speaker at industry events, and published author who has contributed to several best-selling books in the field of information security.

Comments Powered ByDisqus