OS XSS and SQL scanner

On 01/08/06 13:35 -0500, Arian J. Evans wrote:
>  
> 
> > -----Original Message-----
> > From: Mandeep Khera [mailto:mandeepcenzic.com] 
> > 
> > I am sorry to hear that you perceive some problems
with our 
> > product. We take pride in being the most accurate
product 
> > with least amount of false positives in the
industry. This 
> > has been proven in many bake-offs by customers and

> > independent journalists.
> 
> Hate to take this a little off topic, but do you have
any facts
> that can support or back up these claims? Any data
produced by
> anyone competent that speaks to your "false
positives" and also
> your "false negatives"?
> 

(S)he said that they had the least amount of false
positives. If
everyone else had 100000 FPs, while they had 99999 FPs, that
is the
least number of FPs too. That doesn't mean that the product
is useful in
any way.

Devdas Bhagat

------------------------------------------------------------
-------------
Sponsored by: Watchfire

Do you test web applications for XSS, SQL Injections, Buffer
Overflows, 
Logical issues and other web application security threats?
Why not 
automate this work with Watchfire's AppScan, the world's
leading 
automated web application scanner. Download AppScan today!

https://www.watchfire.com/securearea/app
scancamp.aspx?id=701300000008BP9
------------------------------------------------------------
--------------