Tenable.io Web Application Scanning Questions
What do you like most about Tenable.io Web Application Scanning?
Thanks for sharing your thoughts with the community!
Please share with the community what you think needs improvement with Tenable.io Web Application Scanning.
What are its weaknesses? What would you like to see changed in a future version?
If you were talking to someone whose organization is considering Tenable.io Web Application Scanning, what would you say?
How would you rate it and why? Any other tips or advice?
Application Security Questions
Jan 25 2021
I'm aware that some apps collect data from other apps and often these data are private data. These data can and will be stored "somewhere" in the world - and eventually sold or exchanged with even more "data collectors" for all kind of purposes (marketing, crime, fraud and hacking). As you (acc. GDPR) have to describe how your protect private data from being distributed - outside your company, you will need a secure setup on your mobile devices.
On a private smart phone (BYOD) or corporate phones with private user profiles, users are making private backups of smart phones - with all smart phone data. When an employee ends his career at a company, these data will still be available on the private backup- and can be restored into a new smart phone.
How do you avoid these situations?
With BYOD devices (Bring Your Own Device), the challenges are even more complex. Often the users do not want two smart phones to handle and often they like to use their private smart phones for work.
To me the solution is quite simple. Use corporate smart phones and allow private data outside a corporate container on the smart phone with business apps only..... BUT that's (with my experience) not how the companies / organizations are handling the smart phones challenges.
What's your experience ?
Jan 13 2021
There are many cybersecurity tools available, but some aren't doing the job that they should be doing.
What are some of the threats that may be associated with using 'fake' cybersecurity tools?
What can people do to ensure that they're using a tool that actually does what it says it does?
Sep 24 2020
Is SonarQube is the best tool for static analysis or there are any good tools which compete with SonarQube?
Aug 10 2020
On July 15, 2020, several verified Twitter accounts with millions of followers were compromised in a cyberattack. Many of the hacked accounts we protected using two-factor authentication, which the hackers were somehow able to bypass.
Hacked accounts included Barack Obama, Joe Biden, Bill Gates, Jeff Bezos, Mike Bloomberg, Warren Buffett, Kim Kardashian, and Kanye West, Benjamin Netanyahu, and several high profile tech companies, including Apple and Uber.
The hackers posted variation of a message asking follower to transfer thousands of dollars in Bitcoin, with the promise that double the donated amount would be returned.
How could Twitter have been better prepared for this? How do you rate their response?
Many companies wonder about whether SAST or DAST is better for application security testing. What are the relative benefits of each methodology? Is it possible to make use of both?
I am researching application security software for my organization. We provide systems to the airline industry.
Which products provide both vulnerability scanning and quality checks?
Which one(s) do you recommend and why?
Oct 09 2020
Let the community know what you think. Share your opinions now!
Product CategoriesApplication Security
Download our free Application Security Report and find out what your peers are saying about Tenable Network Security, PortSwigger, Checkmarx, and more!
- When evaluating Application Security, what aspect do you think is the most important to look for?
- Which application security solutions include both vulnerability scans and quality checks?
- What are the threats associated with using ‘bogus’ cybersecurity tools?
- How was the 2020 Twitter Hack carried out? How could it have been prevented?
- Is SonarQube the best tool for static analysis?
- What are the OWASP top 10 in 2020?
- SAST vs. DAST: Which is better for application security testing?