A web application security scanner is a program which communicates with a web application through the web front-end in order to identify potential security vulnerabilities in the web application and architectural weaknesses. It performs a black-box test. Unlike source code scanners, web application scanners don't have access to the source code and therefore detect vulnerabilities by actually performing attacks.
Web applications have been highly popular since 2000 because they allow users to have an interactive experience on the Internet. Rather than just view static web pages, users are able to create personal accounts, add content, query databases and complete transactions. In the process of providing an interactive experience web applications frequently collect, store and use sensitive personal data to deliver their service. Customers benefit from the convenience of these applications, while tacitly taking on risk that private information stored in web applications will be compromised through hacker attacks, insider leaks etc.
According to the Privacy Rights Clearinghouse, more than 18 million customer records have been compromised in 2012 due to insufficient security controls on corporate data and web applications.
| Software Testing portal |
Read more about Web Application Security Scanner: Overview, Strengths and Weaknesses
Famous quotes containing the words web, application and/or security:
“Thou blind man’s mark, thou fool’s self-chosen snare,
Fond Fancy’s scum and dregs of scattered thought,
Band of all evils, cradle of causeless care,
Thou web of will whose end is never wrought;
Desire! desire, I have too dearly bought
With price of mangled mind thy worthless ware;”
—Sir Philip Sidney (1554–1586)
“I conceive that the leading characteristic of the nineteenth century has been the rapid growth of the scientific spirit, the consequent application of scientific methods of investigation to all the problems with which the human mind is occupied, and the correlative rejection of traditional beliefs which have proved their incompetence to bear such investigation.”
—Thomas Henry Huxley (1825–95)
“The most disgusting cad in the world is the man who, on grounds of decorum and morality, avoids the game of love. He is one who puts his own ease and security above the most laudable of philanthropies.”
—H.L. (Henry Lewis)