WebInspect 7.1 available

WebInspect 7 is the first and only web application security assessment tool to be re-architected to thoroughly analyze today’s complex web applications built on emerging Web 2.0 technologies. The new architecture delivers faster scanning capabilities, broader assessment coverage, and the most accurate results of any web application scanner available.

WebInspect 7.1 features Server Analyzer, a new advanced tool for pen-testers:

Server Analyzer is a web server identification and discovery tool designed to quickly identify and understand the nature of a web server or web-enabled device.

  • Identifies popular web server software, web application software, embedded/web-enabled devices, and supporting network architecture components such as proxies and load balancers.
  • Uses a special characteristic-based identification technology that is capable of deducing the server software type despite attempts to hide the server software’s true identity.
  • Improves server identification accuracy and reduces false-positive identifications due to configuration obfuscation.
  • Performs deep SSL analysis on HTTPS sites, showing various information related to the server’s SSL configuration.

The following additional WebInspect 7.1 enhancements were designed to further simplify and speed up the installation and assessment processes.

  • New simple scan enabling users to conduct a comprehensive scan by entering only the URL, user name and password.
  • Faster scans through redundant page detection.
  • Simplified installation process by removing the dependency on SQL Server Express.
  • Enhanced Quality Center integration. Send defects directly to QC from WebInspect’s site tree or vulnerability pane.


Security-Database.com opinion:

This is commercial software, so we have never used it before. We can’t really give our real opinion on it. However, SPI Dynamics offers a 15-day free trial.

Post scriptum

Compliance Mandates

  • Application Scanner:

    PCI/DSS 6.3, SOX A12.4, GLBA 16 CFR 314.4(b) and (2), HIPAA 164.308(a)(1)(i), FISMA RA-5, SA-11, SI-2, ISO 27001/27002 12.6, 15.2.2

  • Vulnerability Scanner:

    PCI DSS 11.2, 6.6, SOX A13.3, GLBA 16CFR Part 314.4(c), HIPAA 164.308(a)(8), FISMA RA-5, SI-2, ISO 27001-27002 12.6, 15.2.2

