Web Application Scanners: Definitions and Functions

H
HICSS
2007
40th Annual Hawaii International Conference on System Sciences (HICSS'07)
Abstract - Web Application Scanners: Definitions and Functions

	This Article
	PDF RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Elizabeth Fong Articles by Vadim Okun

40th Annual Hawaii International Conference on System Sciences (HICSS'07)

Web Application Scanners: Definitions and Functions (PDF)

Big Island, Hawaii

January 03-January 06

ISBN: 0-7695-2755-8

	ASCII Text	x
	Elizabeth Fong, Vadim Okun, "Web Application Scanners: Definitions and Functions," Hawaii International Conference on System Sciences, pp. 280b, 40th Annual Hawaii International Conference on System Sciences (HICSS'07), 2007.

	BibTex	x
	@article{ 10.1109/HICSS.2007.611, author = {Elizabeth Fong and Vadim Okun}, title = {Web Application Scanners: Definitions and Functions}, journal ={Hawaii International Conference on System Sciences}, volume = {0}, year = {2007}, issn = {1530-1605}, pages = {280b}, doi = {http://doi.ieeecomputersociety.org/10.1109/HICSS.2007.611}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Hawaii International Conference on System Sciences TI - Web Application Scanners: Definitions and Functions SN - 1530-1605 SP EP A1 - Elizabeth Fong, A1 - Vadim Okun, PY - 2007 KW - Software assurance; software security; software security assurance tool; web application; vulnerability. VL - 0 JA - Hawaii International Conference on System Sciences ER -

Elizabeth Fong, National Institute of Standards and Technology, USA

Vadim Okun, National Institute of Standards and Technology, USA

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/HICSS.2007.611

There are many commercial software security assurance tools that claim to detect and prevent vulnerabilities in application software. However, a closer look at the tools often leaves one wondering which tools find what vulnerabilities. This paper identifies a taxonomy of software security assurance tools and defines one type of tool: web application scanner, i.e., an automated program that examines web applications for security vulnerabilities. We describe the types of functions that are generally found in a web application scanner and how to test it.

Index Terms:

Software assurance; software security; software security assurance tool; web application; vulnerability.

Citation:

Elizabeth Fong, Vadim Okun, "Web Application Scanners: Definitions and Functions," hicss, pp.280b, 40th Annual Hawaii International Conference on System Sciences (HICSS'07), 2007

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.