This method will scan the web server for the top 20 vulnerabilities list published by SANS/FBI (www.sans.org)
· WebInspect is an impressive Web server and application-level vulnerability scanner which scans over 1500 known attacks.
· It checks site contents and analyzes for rudimentary application-issues like smart guesswork checks, password guessing, parameter passing, and hidden parameter checks.
· It can analyze a basic Webserver in 4 minutes cataloging over 1500 HTML pages
WebInspect enables application and web services developers to automate the discovery of security vulnerabilities as they build applications, access detailed steps for remediation of those vulnerabilities and deliver secure code for final quality assurance testing.
With WebInspect, the developer can find and correct vulnerabilities at their source, before attackers can exploit them. WebInspect provides the technology necessary to identify vulnerabilities at the next level, the Web application.