Top 12 Vulnerability Assessment Scanning Tools

Introduction: As hacking and vulnerability incidents increase every day, there is a need for a vulnerability scanning tool that can scan our workstations, web servers, web applications, networks, etc. on a regular basis and point out the vulnerabilities associated with these systems. Beyond this, such a scanning tool should be able to assess the following for any system: Tracking of existing security measures. Network inspection against any kind of vulnerability. Classification of physical as well as virtual servers against security attacks. Tracking of…

Fuzz Testing (Fuzzing) in Software Testing

Introduction: Fuzz testing, also known as fuzzing, is a well-known quality assurance testing technique that is conducted to uncover coding errors and security loopholes in software, networks, or operating systems. Fuzz testing is an automated or semi-automated testing technique that is widely used to discover defects that traditional functional testing methods could not identify. It involves providing invalid input data or massive random data (known as fuzz) to the system in order to test the system with an attempt to crash it or failing the built-in code of…

Choosing the Right Web Security Scanner

In today's tutorial, we are talking about how to choose the right Web Security Scanner. You may be interested in Security Testing topics. Why Do I Need a Web Security Scanner? A web security scanner is software that is designed to crawl across your websites, web applications, API endpoints, and more, and test for various kinds of known and unknown security vulnerabilities. In fact, web security scanners perform the same function as the reconnaissance scans performed by attackers every day, looking for and testing vulnerabilities. Indeed, by using similar methods as the attackers, you…

Interviewing a Testing Expert – Ziyahan Albeniz

Yes, I know, it has been a long time since I published any of my Testing Interviews with professionals from around the globe. So I'm back again with the testing interview, and this time I'll be interviewing Ziyahan Albeniz from Netsparker. BIO: Ziyahan Albeniz is an experienced Security Researcher who started as a QA Engineer at Netsparker. At Netsparker he worked his way up to be the Security Team Lead. He graduated in Computer Programming from Sakarya University in Istanbul. He has reported security issues to large companies such as Yandex and…

How a Web Application Security Scanner can Help to Reduce Your Development Costs

A quick search on Google will reveal plenty of posts that deal specifically with the importance of scanning your web application and eliminating all vulnerabilities. An approach that strikes the appropriate balance between automated security scanning and manual testing using a skilled penetration tester is usually considered to be the best option. Experience usually demonstrates that a combination of these two methods results in the most efficient way to find and eliminate both technical and logical vulnerabilities. On the topic of efficiency, there is one thing that’s probably not discussed…

Source Code Audit or Automated Web Application Vulnerability Scan?

Scanning for Web Application Vulnerabilities versus Static Source Code Audits: Choosing the Most Appropriate Solution

There are quite a few terms floating around the web application security space and sometimes it can be challenging to understand exactly what a specific term means and how it might relate to similar terms. One such example that we were asked about recently was the term “source code audit”. We thought we’d provide an overview of what exactly a source code audit is and how its use can vary depending on your particular situation.…
