"Marc Maiffret, CTO and chief hacking officer at eEye, said in an
interview today that the company would be entering the Web app security
space "soon." "It's a natural progression for us to add Web app
scanning," says Maiffret, who wouldn't divulge details of the new
offering."
"You can scan for missing patches and vulnerabilities, but you also
need to know there's a SQL injection [flaw] as well," Maiffret says."
Good to see another vendor get into the game. Speaking of scanners, The Web Application Security Consortium has just approved
a new project aimed at outlining the kinds of things application security scanners should be checking for, lead
by Anurag Agarwal. Expect to hear details in upcoming weeks. I've also written an article you should read
Challenges faced by automated web application security assessment tools if you're considering using such a tool/service.
Article Link: http://www.darkreading.com/document.asp?doc_id=130574&WT.svl=news1_1
