.0"> WebInspect 2.0
SPI Dynamics WebInspect provides a cost-effective way to scan custom Web applications on one or two Web servers for coding vulnerabilities. Web developers will especially appreciate the developer-oriented sections in its vulnerability descriptions. As with Sanctums AppScan, organizations using WebInspect should continue to perform human audits and regular penetration tests.
At $4,995 per tested server, WebInspect lets organizations test one or two servers quite cheaply, but costs rise quickly for larger shops. (+) Finds custom application and Web server vulnerabilities; provides a full programming language and programming tools to write custom rules; information-packed vulnerability descriptions. (-) A full scan of an application took longer with WebInspect than it did with AppScan; could crash a tested server or put test data into a tested applications database. Evaluation Short List Sanctums AppScan www.spidynamics.com