Title :
Penetration Testing for Web Services
Author :
Antunes, Nuno ; Vieira, Marco
Author_Institution :
Univ. of Coimbra, Coimbra, Portugal
Abstract :
Web services are often deployed with critical software security faults that open them to malicious attack. Penetration testing using commercially available automated tools can help avoid such faults, but new analysis of several popular testing tools reveals significant failings in their performance. The Web extra at http://youtu.be/COgKs9e679o is an audio interview in which authors Nuno Antunes and Marco Vieira describe how their analysis of popular testing tools revealed significant performance failures and provided important insights for future improvement.
Keywords :
Web services; program testing; safety-critical software; security of data; Web services; commercially available automated tools; critical software security faults; malicious attack; penetration testing; Computer security; Computer viruses; Runtime; Simple object access protocol; Software testing; Web and internet services; SQL injection; Web security scanners; Web services; code vulnerabilities; command injection; penetration testing; vulnerability detection;
DOI :
10.1109/MC.2013.409
