期刊名称:International Journal of Computer Science and Network Security
印刷版ISSN:1738-7906
出版年度:2013
卷号:13
期号:6
页码:71-75
出版社:International Journal of Computer Science and Network Security
摘要:There are many commercial software security assurance tools that claim to detect and prevent vulnerabilities in application software. However, a closer look at the tools often leaves one wondering which tools find what vulnerabilities. This paper identifies taxonomy of software security assurance tools and defines one type of tool: web application scanner, i.e., an automated program that examines web applications for security vulnerabilities. We describe the types of functions that are generally found in a web application scanner and how to test it.
