AppScan Audit Edition

Category:
Vulnerability Scanners
Website: http://www.sanctuminc.com
Manufacturer: Sanctum
Operating System: Windows

Description:
AppScan is another commercial vulnerability scanner that can detect many common server misconfigurations as well as vulnerabilities. It sets itself apart as a lockdown tool by providing great information on security reporting and best practices, along with real-time assessment monitoring that can be used to regression-test security bugs found in the past.

Strengths:
   · Great reporting abilities
   · Forceful browsing allows unlinked directories to be discovered
   · Allows the user to enter a user name and password to find deeper vulnerabilities
   · Includes delta and trend analysis

Weaknesses:
   · Relies on a set of database entries to scan the remote machine
   · Only checks web vulnerabilities

Target:
Webservers

Mitigation/Recommendation:
Keep the server secured with the latest updates and patches.

Price:
$15,000/Year
$30,000 Perpetual
Contact vendor for latest information.

Penetration (4):
This tool is great from an administrator's point of view but is of very little use to a hacker.

Simplicity (9):
Even advanced scans are intuitive and easy to use.

Damage Potential (1):
Data gathering only