Methodologies & Tools For Web Application Security Assessment

Web application security assessments are a crucial phase in the development life-cycle of any web application. The process of assessing a web application should be handled using the same approach as any other testing (e.g., Unit testing, Quality Assurance, etc.). A well-documented methodology should be followed carefully, and in most cases, the use of automated tools will speed up the process.

This white paper suggests a methodology for web application security assessments, as well as an explanation on how to use automated tools for accelerating the assessment process.