Skip to main content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.


The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

Web Application Scanners: Definitions and Functions



Elizabeth N. Fong, Vadim Okun


There are many commercial software security assurance tools that claim to detect and prevent vulnerabilities in application software. However, a closer look at the tools often leaves one wondering which tools find what flaws? This paper identifies a taxonomy of software security assurance tools and focuses on the definition of one type of tool: web application scanner - an automated program designed to examine web applications for security vulnerabilities. The types of functions that are generally found in a web application scanner are described.
Proceedings Title
Proceedings of Hawaii International Conference on System Sciences (HICSS) ? 40
Conference Location
Conference Title
Hawaii International Conference on System Sciences (HICSS) ? 40


Software assurance, software security, software security assurance tool, vulnerability, web application
Created August 1, 2007, Updated February 17, 2017