The Perception & Misconceptions of Automated Web Scanners on Security Weekly Show #492

Category: News - Last Updated: Thu, 15 Dec 2016 - by Robert Abela

There are many misconceptions surrounding black box web vulnerability scanners. Watch episode 492 of the popular show Security Weekly, in which Ferruh Mavituna, Larry Pesce, Joff Thyer and the show’s host Paul Asadoorian discuss the misconceptions below and more:

  1. Web scanners report a lot of false positives. Maybe back in the day scanners used to report a lot of false positives, though nowadays the Netsparker scanners are dead accurate thanks to the unique Proof-Based Scanning™ technology.
  2. There hasn’t been any particular breakthrough in the scanner industry, making the tools outdated.
  3. Scanners cannot scan and find vulnerabilities in modern Web 2.0+ / HTML5 / Single Page applications.
  4. Some security professionals tend to shy away from automation because they think tools such as black box scanners won't find anything that they can’t find manually.
  5. People believe that scanners can only find low-hanging fruit.

