This article, the first in a three-part series, will provide an overview of what you need to know to perform a vulnerability assessment to check for web security risks. Itll show you what you can reasonably expect a web application security scanner to accomplish, and what types of assessments still require expert eyes. The following two articles will show you how to remedy the web security risks a vulnerability assessment will uncover (and therell be plenty to do), and the final segment will explain how to instill the proper levels of awareness, policies, and technologies required to keep web application security flaws to a minimum¡ªfrom an applications conception, design, and coding, to its life in production.
