Auckland-based CodeScan Labs has released a tool for testing source code for security vulnerabilities. In addition to CodeScan for ASP, released in 2005, the company recently released a version for the PHP scripting language.
The CodeScan tool enables companies to audit web applications for security weaknesses by testing the source code, says Benson. The advantages over traditional, manual penetration or web application testing, which tends to be a tedious process, are huge, he says.
The article continues at http://computerworld.co.nz/news.nsf/devt/CA328F88E7CCD5A5CC2574C20011ED9B