Title :
Web Application Scanners: Definitions and Functions
Author :
Fong, Elizabeth ; Okun, Vadim
Author_Institution :
Inf. Technol. Lab., Nat. Inst. of Stand. & Technol., Gaithersburg, MD
Abstract :
There are many commercial software security assurance tools that claim to detect and prevent vulnerabilities in application software. However, a closer look at the tools often leaves one wondering which tools find what vulnerabilities. This paper identifies a taxonomy of software security assurance tools and defines one type of tool: the Web application scanner, i.e., an automated program that examines Web applications for security vulnerabilities. We describe the types of functions that are generally found in a Web application scanner and how to test it.
Keywords :
Internet; security of data; Web application scanner; commercial software security assurance tool; software vulnerability; Application software; Buffer overflow; Information security; Information technology; Laboratories; NIST; National security; Software measurement; Software tools; Testing; Software assurance; software security; software security assurance tool; vulnerability; web application;
Conference_Titel :
System Sciences, 2007. HICSS 2007. 40th Annual Hawaii International Conference on
Conference_Location :
Waikoloa, HI
Electronic_ISBN :
1530-1605
DOI :
10.1109/HICSS.2007.611