You are here: silicon.com > Resources > White Papers > Security > Security Administration > Security Applications

Security Applications White Papers

Web application security: automated scanning versus manual penetration testing

Overview Web sites are vulnerable to Web application attacks and a great percentage of these attacks occur over the HTTP/S protocols, ports that are often exposed to the entire online community. It's essential for organizations to take serious measures to help secure their Web applications.

There are two primary methods for discovering Web application vulnerabilities: using manual penetration testing and code review or using automated scanning tools and static analysis. The purpose of this paper is to compare these two methods.

Further White Paper Details
Publisher	IBM	File Format	PDF
Date Published	January 2008
Format	White Papers
Topics	Security Applications, Security Management, Best Practices

Did you find this white paper useful? 7 out of 14 users found this white paper useful

Take a holistic approach to business-driven security

Publisher:
IBM

Web application security: automated scanning versus manual penetration testing

Publisher:
IBM

ThinkPads with Integrated Fingerprint Readers Secure Your Mobile Workforce

Publisher:
Insight Direct

Preventing Malicious Spyware in the Enterprise

Publisher:
Sana Security

Smart, Simple, Secure Management Options for Small to Medium Enterprises

Publisher:
McAfee

Tags:
network security

Microsoft's 'gagging' policy hits security sector hard

Vendors excluded from this elite group now face the prospect of having to charge their customers more because researching vulnerabilities will become more costly for them now they have been left out in the cold.

Channel:
Security Strategy

Browser-based attacks top security fears

Companies also are doing more security audits and penetration testing. This drop could be attributed to the high percentage of companies using antivirus applications to fight viruses and worm attacks.

Channel:
Security Strategy

Surfers at risk from corporate websites

With no patch from Microsoft, that leaves Internet Explorer users vulnerable. That server uses the pair of Microsoft Internet Explorer vulnerabilities to upload and execute a remote access Trojan horse, RAT, to the victim's PC.

Channel:
Malware

Is penetration testing breaking Herts on the internet?

Ethical hacking' and penetration testing is becoming an increasingly important aspect of security with companies and organisations not willing to wait until somebody with criminal intent comes knocking before they discover where their...

Bluetooth flaw found in Sony Ericsson phones

Several mobile phones produced by Sony Ericsson are vulnerable to denial of service attacks, two security companies reported this week. While this specific vulnerability may be low-risk, Kristensen cautioned that these kinds of vulnerabilities in...

Insider security risks exposed

Samar said the use of code-scanning technology to detect problems and the separation of approval roles so code is checked a number of times could iron out these vulnerabilities. Curious Cat, although not malicious, will look at data they shouldn't...

Live Webcast: Telecoms 2.0 - Where is telecoms heading?

In this webcast, our panel of experts will review where we are with next generation telecoms in the UK, working through the concept of 'Telecoms 2.0': - Realising the potential of Next Generation Networks - why it isn't just about the technology? - What attributes should firms be looking for in their telco partner? - Is the relationship between telco provider and customer changing? - What things need to happen to make next generation services a reality? - You say you want the supplier to change. Do you want to change too? - What is Telecoms 2.0?

Publisher:
ZDNet UK

Telecom 2.0: Mind over matter

ntl:Telewest Business believes that the role of the telco is evolving. Gone are the days when it was enough to simply focus on circuits and minutes, customers now need a far higher degree of interaction and look for suppliers who will talk business solutions with them.

Publisher:
ntl:Telewest Business

IBM Information Server Change Data Capture

In today's fast-paced world, access to real-time data has never been more important. To be successful, organizations need to be able to report and analyze corporate data quickly and easily, regardless of what applications created the data, what platform they're running on, or what database they're stored in.

Publisher:
IBM

An examination of server consolidation: the trends that can drive efficiencies and help businesses gain a competitive edge

This white paper provides a starting point for organizations contemplating server consolidation. It includes an overview of server consolidation concepts and techniques and provides guidance on methodologies. It also looks at the potential cost savings associated with server consolidation and offers information on how organizations can sustain the advantage they have gained by consolidating their servers.

Publisher:
IBM

Also on silicon.com

Site Navigation:

Security Applications White Papers

Web application security: automated scanning versus manual penetration testing

Quick Sitemap Links:

About Us

Search

Blogs

Verticals

Advertising Features

CNET Networks in Europe

CNET Networks in the United States

CNET Networks in Asia Pacific