The Ethical Hacker Network - Cenzic Hailstorm and Veracode comparison?

Latest Additions

Who's Online

EH-Net > Resources > Tools (Moderator: don) > Cenzic Hailstorm and Veracode comparison?

Pages: [1] Go Down

	Author	Topic: Cenzic Hailstorm and Veracode comparison? (Read 4197 times)
0 Members and 1 Guest are viewing this topic.

tyweed

Newbie

Offline

Posts: 1

Cenzic Hailstorm and Veracode comparison?

« on: November 08, 2011, 02:02:52 PM »

I'm currently in the process of trying to find a web application vulnerability management service. Currently, I have been unable to find out much behind these two technologies. I was curious if any of you have ever had experience with them here are few questions I have.

1. Do either test for header injections in particular cookies.

2. How is the blind sql testing?

3. DOM tests either have the ability to test these issues?

4. False positives, either produce high false positives?

any other information would be helpful in helping me make a decision!


	Logged

epeterson

Newbie

Offline

Posts: 1

Re: Cenzic Hailstorm and Veracode comparison?

« Reply #1 on: November 10, 2011, 12:28:39 AM »

Hi Tyweed, I work for Veracode and I am responsible for Veracode's web application security assessment & risk management solutions.

We test for a wide range of web application security issues including those that you list, if you would like to discuss it in more detail feel free to send me an email and I will be happy to send you more information.

Thank you for your interest in Veracode!

-Erik
www.veracode.com