« Periodic Blurbs (Warning: Exhortation Inside) | Main | Can I Buy a Vowel? »

August 22, 2007



Does this also spell the end for companies just starting out that feel that they could create a webapp security scanner (aka fault-injector) that is superior to FortifySoftware Tracer, Acunetix, SyHunt, Hailstorm, beSTORM, AppScan, WebInspect, and Veracode?

Where are these companies? Why don't they exist? What's going to happen to the web application vulnerability scanner market?

Shahar Sperling

Not necessarily.
First of all, remember that this is a young industry. I hail from the Telecom industry, where you're still an up-and-coming company if you've only been around for 10 to 15 years. Give them time. The market will grow, and we will see a fourth option in the future (to pen-testing, code scanners, app-scanners). It's the nature of things.
The "Legacy" telephony platforms got blindsided by VOIP. I'm sure we'll get blindsided by something new. God knows what Silverlight and the likes hold in store for us.
The industry will grow. More and more of our lives migrates to the web. There will be plenty of technologies to hack and to protect. Plenty of space to roam in. Plenty of money to be made.
Someone is always looking for the next web search-engine, the next firewall, the next application server. They will look for the next tool to make their web-application safer.

The comments to this entry are closed.

Follow us on Twitter

AppScan Free Trial

Try IBM Security AppScan software at no charge.

Become a Fan