Revision as of 14:55, 29 October 2007 edit NEUrOO (talk \| contribs) 68 edits →Vulnerabilities ← Previous edit		Revision as of 15:01, 29 October 2007 edit undo NEUrOO (talk \| contribs) 68 edits →Weaknesses and limitations Next edit →
Line 16: Like every testing tools, the web application security scanner is not a perfect tool, it has strength and weaknesses. === Weaknesses and limitations === * Because the tool is implementing a [[dynamic testing]] method, it cannot cover 100% of the source code of the application and then, the application itself. * It is really hard for a tool to find lots of logical flaws such as the use of weak [[cryptographic]] functions * Even for technical flaws, if the application doesn't give enough clue, the tool cannot catch it * The tool cannot implement all variants of type of attacks for all vulnerabilities, this would take too long time to launch every attacks

Dynamic application security testing: Difference between revisions