SANS reviews HP WebInspect

Picture1.pngThe SANS Institute recently did an in-depth evaluation of WebInspect to determine how well it meets market demands and its effectiveness in securing web applications. So we've known for years that the weakest points in modern infrastructures are web applications. Older web applications simply were not developed with security in mind, application development teams tend to stick to the original version of 3rd party components that ultimately become vulnerable, both old and new technologies alike continue to introduce new vulnerabilities, and on and on. There are myriad other reasons that application security only continues to increase in complexity, all of them making enterprises that much harder to secure. 


Ultimately, organizations need an application security solution that's both scalable and effective in finding and fixing web application vulnerabilities. SANS takes a close-up look at the latest version of HP WebInspect, and gives insight into how it can effectively be used to secure web applications. Along with an in-depth feature examination, SANS also reviewed WebInspect's effectiveness in meeting a variety of critical categories including:


•Automation and Ease in Configuration

•Support for Large Scans

•False Positive Reduction

•Advanced Attack Technique Simulation

•Detailed Reporting and Remediation Guidance


So how did WebInspect do? You can register and download the evaluation from here:


As well, we cover the results in a webinar which can be viewed here:


Bonus: the webinar includes an extremely animated yours truly covering the current state of the application security landscape. That's worth the price of admission alone :-)

Leave a Comment

We encourage you to share your comments on this post. Comments are moderated and will be reviewed
and posted as promptly as possible during regular business hours

To ensure your comment is published, be sure to follow the Community Guidelines.

Be sure to enter a unique name. You can't reuse a name that's already in use.
Be sure to enter a unique email address. You can't reuse an email address that's already in use.
Type the characters you see in the picture above.Type the words you hear.
Showing results for 
Search instead for 
Do you mean 
About the Author

Follow Us
The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.