"Marc Maiffret, CTO and chief hacking officer at eEye, said in an interview today that the company would be entering the Web app security space "soon." "It's a natural progression for us to add Web app scanning," says Maiffret, who wouldn't divulge details of the new offering."

"You can scan for missing patches and vulnerabilities, but you also need to know there's a SQL injection [flaw] as well," Maiffret says."

Good to see another vendor get into the game. Speaking of scanners, The Web Application Security Consortium has just approved a new project aimed at outlining the kinds of things application security scanners should be checking for, lead by Anurag Agarwal. Expect to hear details in upcoming weeks. I've also written an article you should read Challenges faced by automated web application security assessment tools if you're considering using such a tool/service.

Article Link: http://www.darkreading.com/document.asp?doc_id=130574&WT.svl=news1_1