• DocumentCode
    20601
  • Title

    Penetration Testing for Web Services

  • Author

    Antunes, Nuno ; Vieira, Marco

  • Author_Institution
    Univ. of Coimbra, Coimbra, Portugal
  • Volume
    47
  • Issue
    2
  • fYear
    2014
  • fDate
    Feb. 2014
  • Firstpage
    30
  • Lastpage
    36
  • Abstract
    Web services are often deployed with critical software security faults that open them to malicious attack. Penetration testing using commercially available automated tools can help avoid such faults, but new analysis of several popular testing tools reveals significant failings in their performance. The Web extra at http://youtu.be/COgKs9e679o is an audio interview in which authors Nuno Antunes and Marco Vieira describe how their analysis of popular testing tools revealed significant performance failures and provided important insights for future improvement.
  • Keywords
    Web services; program testing; safety-critical software; security of data; Web services; commercially available automated tools; critical software security faults; malicious attack; penetration testing; Computer security; Computer viruses; Runtime; Simple object access protocol; Software testing; Web and internet services; SQL injection; Web security scanners; Web services; code vulnerabilities; command injection; penetration testing; vulnerability detection;
  • fLanguage
    English
  • Journal_Title
    Computer
  • Publisher
    ieee
  • ISSN
    0018-9162
  • Type

    jour

  • DOI
    10.1109/MC.2013.409
  • Filename
    6681866
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=20601