At Nullcon security conference last week, NCC Group presented detailed research about vulnerability detection with automated vulnerability scanners.
Even the best scan results contained about 50% of false-positives.
We definitely need a game changer for web security market, and the time for that has now come.
Everything is done online and is available 24/7 from any machine, including your smartphone.
According to High-Tech Bridge, they dont just test OWASP Top 10.
Both actually support XML vulnerability data export for integration with your SIEM or WAF.
Its actually the proprietary technology that High-Tech Bridge names hybrid in real time.
As one may conclude from the name, its a hybrid of automated and manual testing.
Every detected vulnerability is manually validated and approved by a human, guarantying zero false-positives.
As a result, there is no time gap to putting together manual and automated testing results.
source: www.techworm.net
