The value of automated Security Tests

I think that I should speak up about how I feel about automated security tests. I don’t think that this post will bring much value to you but at least you will be able to see what it feels like from the field. I will try to keep my thoughts short and clean and emphasize the main points without going too much out of scope. I think that this topic has already been widely discussed so there is no need to waste more time on it. Everyone should make up their own mind. [...]


Automated Web Foo or Fud!

Jeremiah is the most outspoken that I have seen regarding the effectiveness of automated web application tools. His recent post, Are web application scanners ***ing useless?, almost sounds frustrated. While developing the initial version of the Technika Security Framework, I have really had a chance to think about this, which I haven’t done since an OWASP presentation I attended 2-3 years ago. Does anyone have the link for this? [...]
