
Web application security scanner : English Wikipedia
Web application security scanner

A web application security scanner is a program that communicates with a web application through the web front-end in order to identify potential security vulnerabilities and architectural weaknesses in the web application.〔Web Application Security Scanner Evaluation Criteria version 1.0, WASC, 2009〕 It performs a black-box test. Unlike source code scanners, web application scanners don't have access to the source code and therefore detect vulnerabilities by actually performing attacks.
Web applications have been highly popular since 2000 because they allow users to have an interactive experience on the Internet. Rather than just viewing static web pages, users are able to create personal accounts, add content, query databases and complete transactions. In the process of providing an interactive experience, web applications frequently collect, store and use sensitive personal data to deliver their service. Customers benefit from the convenience of these applications, while tacitly taking on the risk that private information stored in web applications will be compromised through hacker attacks, insider leaks, etc.
According to the Privacy Rights Clearinghouse, more than 18 million customer records were compromised in 2012 due to insufficient security controls on corporate data and web applications.
==Overview==
A web application security scanner facilitates the automated review of a web application with the express purpose of discovering security vulnerabilities, and is required to comply with various regulatory requirements. Web application scanners can look for a wide variety of vulnerabilities, including:
* Input/Output validation: (Cross-site scripting, SQL Injection, etc.)
* Specific application problems
* Server configuration mistakes/errors/version
In a copyrighted report published in March 2012 by security vendor Cenzic, the most common application vulnerabilities in recently tested applications include:
Web application security scanners typically rely on fully automated scanning; however, a 'hybrid' approach, pioneered by High-Tech Bridge, is emerging that aims to address the issue of false-positive reporting by having humans involved in the assessment process.

Excerpt source: Wikipedia, the free encyclopedia