11 security audit essentials

Karthik Poojary, Amazon

11/12

10. W3af - Web application attack and audit framework

Source: w3af

W3af, the Web application attack and audit framework is a version of Metasploit, covering Web applications. W3af is used to exploit Web applications and presents information regarding vulnerabilities, supporting the penetration testing process. W3af consists of two main parts -- the core and plugins. Custom plugins can be written, with inter-plugin communication dealt with by the knowledge base. There is a provision for saving scan reports to text files for later reference.

You can download this tool here.

View All Photo Stories

CIO

Ally's generative AI strategy eyes multiple LLMs, AI agents
The digital bank plans to privately host multiple LLMs on its GenAI platform, explore autonomous agent technology and evaluate ...
States act on privacy laws as Congress considers new bill
The American Privacy Rights Act introduced this week aims to establish a national privacy standard that would preempt state ...
CHIPS and Science Act funds TSMC, Intel projects
The Biden administration has awarded billions through the CHIPS and Science Act to five companies to invest in building and ...

Security

CISA: Akira ransomware extorted $42M from 250-plus victims
The Akira ransomware gang, which utilizes sophisticated hybrid encryption techniques and multiple ransomware variants, targeted ...
Cisco discloses high-severity vulnerability, PoC available
The security vendor released fixes for a vulnerability that affects Cisco Integrated Management Controller, which is used by ...
3 Keycloak authorization strategies to secure app access
Keycloak, an open source IAM tool, offers authorization methods, including RBAC, GBAC and OAuth 2.0, that limit what users can ...

Networking

Is network automation adoption necessary?
Automation is not a one-size-fits-all strategy for every network problem. Enterprises must examine their network's needs to ...
How SD-WAN for home offices supports remote work
The market maturation of SD-WAN is leading companies to consider extending the technology to remote workers. Companies should ask...
The role of generative AI in networking
As networks grow more complex, generative AI emerges as a tool that can help network teams with a wide range of tasks, such as ...

Data Center

Infrastructure for machine learning, AI requirements, examples
Infrastructure for machine learning, deep learning and AI has component and configuration requirements. Compare hardware and how ...
Dell partners with Intel, releases file storage for Azure
With the recent Intel and Azure partnerships, Dell continues to expand its on-premises options for AI while expanding its Apex ...
How to install and run Podman on Rocky Linux
Rocky Linux can run and install Podman, an open source Linux tool and competitor to Docker that uses containers to find, run and ...

Data Management

Collibra launches AI Governance, unveils GenAI capabilities
The vendor's AI Governance suite enables users to ensure the quality and security of AI models while new GenAI features let them ...
Coalesce raises $50M to expand data transformation platform
The startup's new funding is a vote of confidence from investors given how difficult it has been for technology vendors to secure...
Aerospike raises $114M to fuel database innovation for GenAI
The vendor will use the funding to develop added vector search and storage capabilities as well as graph technology, both of ...