Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Web Application Scanners: Definitions and Functions

Published

Author(s)

Elizabeth N. Fong, Vadim Okun

Abstract

There are many commercial software security assurance tools that claim to detect and prevent vulnerabilities in application software. However, a closer look at the tools often leaves one wondering which tools find what flaws? This paper identifies a taxonomy of software security assurance tools and focuses on the definition of one type of tool: web application scanner - an automated program designed to examine web applications for security vulnerabilities. The types of functions that are generally found in a web application scanner are described.
Proceedings Title
Hawaii International Conference On System Sciences (HICSS) | 40th | | University of Hawaii College of Business
Conference Dates
January 3-6, 2007
Conference Title
Hawaii International Conference on System Sciences

Keywords

software assurance, software security, software security assurance tool, vulnerability, web application

Citation

Fong, E. and Okun, V. (2007), Web Application Scanners: Definitions and Functions, Hawaii International Conference On System Sciences (HICSS) | 40th | | University of Hawaii College of Business (Accessed October 8, 2024)

Issues

If you have any questions about this publication or are having problems accessing it, please contact reflib@nist.gov.

Created January 3, 2007, Updated February 17, 2017