How do free scanners compare with commercial scanners?
The free scanners we have seen lag behind commercial scanners. There is no published report comparing the two categories (if there is one we have missed, please let us know), but here is what we have observed over the last few years.
Most importantly, the open source scanners do not let you log in to an application and test it. That’s a major shortcoming that we hope will get fixed soon.
Scanners have traditionally been good at detecting web server vulnerabilities. The free scanners support fewer web servers, and they also discover fewer vulnerabilities in the servers they do support.
A free scanner is less likely to elicit errors from the application, because it carries fewer fault injection test cases than a commercial one.
The number of test cases for attacks like SQL Injection and XSS is also lower in free scanners. This is not as big an issue as it is sometimes made out to be; we explain why the number of test cases is not so important here.