
Rolling Review: Cenzic's Hailstorm Enterprise Application Risk Controller: Page 2 of 5

Shorter term, get yourself a Web application scanner with Ajax capabilities.

Going Under The Hood

In the IDS/IPS world, one topic that splits vendors into two camps is that of open versus closed signatures. While companies like IBM ISS regard their signatures as secret sauce and tie them closely into the flow of traffic through various decoders and detectors, other products, such as the popular open-source Snort IDS, decouple the signature language from the processing engine so that signatures can easily be understood and modified.

The same conundrum applies to Web application scanners. With the open-signature approach, when a false positive crops up, not only is it easy to see why it occurred, but you can also adjust the signature to minimize recurrence of the error. Likewise, a product with an open-signature language allows for the creation of new sigs.
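To make the open-signature point concrete, here is a small added example (not code from Cenzic, Snort or the article) of a scanner whose signatures are plain data that a user can read and edit, kept separate from the matching engine. The sample HTTP responses, the signature names and the `Signature`/`scan` helpers are all constructed for this illustration. It shows the workflow the paragraph describes: a broad signature fires on a help page that merely quotes a database error string, the finding records the exact evidence that triggered it, and a tuned signature (tighter pattern plus an HTTP status condition) removes the false positive while still catching the real error leak.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Constructed sample responses from a hypothetical test application: (url, status, body).
RESPONSES: List[Tuple[str, int, str]] = [
    ("/search?q=%27", 500,
     "Warning: mysql_fetch_array(): You have an error in your SQL syntax near ''' at line 1"),
    ("/help/sql-tips", 200,
     "<h1>SQL tips</h1><p>If you see 'You have an error in your SQL syntax', "
     "check your quotes.</p>"),
    ("/login", 200, "<form action='/login' method='post'>...</form>"),
]


@dataclass(frozen=True)
class Signature:
    """An open signature: human-readable data, independent of the engine."""
    name: str
    pattern: str        # regex applied to the response body
    min_status: int = 0 # fire only when the HTTP status is at or above this value


@dataclass(frozen=True)
class Finding:
    signature: str
    url: str
    evidence: str       # the exact text that matched, so an analyst can see why it fired


def scan(responses: List[Tuple[str, int, str]],
         signatures: List[Signature]) -> List[Finding]:
    """Generic engine: applies whatever signatures it is given, nothing else."""
    findings = []
    for url, status, body in responses:
        for sig in signatures:
            if status < sig.min_status:
                continue
            match = re.search(sig.pattern, body, re.IGNORECASE)
            if match:
                findings.append(Finding(sig.name, url, match.group(0)))
    return findings


# Version 1: a broad signature for MySQL error disclosure.
SIGS_V1 = [Signature("sql-error-leak", r"You have an error in your SQL syntax")]

# Version 2, tuned after reviewing the /help/sql-tips false positive: require the
# PHP warning prefix that accompanies a real leaked error, and a 5xx status.
SIGS_V2 = [Signature("sql-error-leak",
                     r"Warning: mysql_\w+\(\): You have an error in your SQL syntax",
                     min_status=500)]


def urls_flagged(signatures: List[Signature]) -> List[str]:
    """Convenience wrapper used both for the demo below and for checking results."""
    return [f.url for f in scan(RESPONSES, signatures)]


if __name__ == "__main__":
    for label, sigs in (("v1 (broad)", SIGS_V1), ("v2 (tuned)", SIGS_V2)):
        print(label)
        for f in scan(RESPONSES, sigs):
            print(f"  {f.signature} on {f.url}: matched {f.evidence!r}")
```

The important property is that the engine (`scan`) never changed; only the signature data did, which is exactly what a closed-signature product would not let you do.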


This article is the first of a series and is part of NWC's Rolling Review of Web Application Scanners.

Which is best? That depends on the environment. For those who want a hands-off product, the closed-system approach isn't a drawback. But companies with unique needs, and the time and energy to invest in adapting products to their environments, will find an open-signature language crucial.