A comparative study of web application security scanners for vulnerability detection

Bibliographic details
Published in: I-Manager's Journal on Software Engineering, Volume 17; Issue 4; p. 1
Main authors: Hasan, Abualese, Thamer, Al-Rousan
Format: Journal Article
Language: English
Publication details: Nagercoil iManager Publications 01.04.2023
ISSN: 0973-5151, 2230-7168
Description
Summary: A Web Vulnerability Scanner (WVS) is a software tool that assesses the security of web applications by conducting automated penetration tests. It speeds up the process, reduces costs, and eliminates the need for specialized testing engineers. This study evaluates the vulnerability detection capabilities of six WVSs: three commercial scanners and three open-source scanners. The goal is to identify and mitigate potential security risks before they are exploited by malicious users. The study employed two well-known vulnerable web applications and four relevant metrics, such as detection rate of accuracy, recall, precision, and the ability to detect different vulnerabilities using the Open Web Application Security Project (OWASP) as a reference.
DOI: 10.26634/jse.17.4.19813