Software tool to find security vulnerabilities

 
Hello Friends,

Security is a really big concern in web application development, as we host our web applications on the internet, where the security risks and attacks are relatively high. When developing a web system, we give special consideration to taking the necessary actions to ensure the security of the webapp. We especially care about authentication, authorization, and prevention of SQL injection and XSS attacks. When the scale of the webapp gets larger and the development team gets more members, it will be a cumbersome task to ensure security in each and every page of the webapp manually, as they're being developed by different developers. One mistake by a developer may lead to a security hole that may be used to devastate the critical part of the webapp. So it's really essential to have a software tool to find the security vulnerabilities of a developed system in an automated way. Some time back, I came to know that there is a product named Acunetix doing that job, catching security vulnerabilities of a given website. As far as this software is concerned, I feel it's a great product, as it can catch lots of ground breaking security holes and vulnerabilities such as authentication issues, XSS, SQL injection, etc. In addition to them, it also looks for dead links and 404 errors as well.

Acunetix is a commercial product, and genuine buyers have to invest a great deal of money in it. On one hand, it's worth buying, as it is a really helpful tool to perform a security inspection. BTW, I'm asking: are there any open-source projects going on to develop such a tool? And what tools are available to ensure webapp security?

I think Ulf Dittmer may have an answer while others are welcome...

Cheers!
Virajith
 