HP WebInspect

WebInspect is a web application security assessment tool that helps identify known and unknown vulnerabilities within the Web application layer. It can also help check that a Web server is configured properly, and attempts common web attacks such as parameter injection, cross-site scripting, directory traversal, and more. It was produced by Spidynamics, which is now part of HP. For downloads and more information, visit the HP WebInspect homepage.

#76, 36
Latest release
  • 9.10
  • June 27, 2011 (12 years, 9 months ago)
★★★½ (8)
12% ★★★★
38% ★★★
25% ★★


★★★★ Darkside-Former Support

WebInspect is like trying to Fly an F35 when you have flown a crop duster. Very effective if you have been trained on it. You get the support and product that you pay for. Last I checked, Yes, MSSQL Is required, runs best if MSSQL is running on a separate system.

no rating Fercol

My impressions: - The trial version do not allow check more than one site. - The app needs lots of requirements. - In my desktop (Core2Duo, 4Gb) it runs slowly.

no rating mounika

Hello Ravi, You can refer to link below.


no rating ravi

hi friends, I have registered for hp webinspect(trial version). iam unable to install that on my pc. iam facing issue with sql server mapping.

my doubt is

1) is sql server needed for that to use webinspect.

2) if yes, how to map/configure.

★★ Kari Johansen

Price is to high AND they hide the pricing, not transparent at all.

★★★★ Andreas

A very good scanner ... I'm totally impressed in the results I see.

You can see the other benefits too like the new WAF integration. So that immediate and automated, real-time virtual patching against identified vulnerabilities is possible with Radware’s AppWall http://h20195.www2.hpe.com/v2/GetDocument.aspx?docname=4AA6-4224ENW

Room to improve: price, management (complexity)

★★★★★ john

very good scanner it can find more than bugs. webinspect found a bug from nessus panel :)

★★★ Usuario malicioso

We still use this tool. It's on the high price range, but still very useful. No other tool (except for IBM, and acunetix) can be used consistently in big web environments to consolidate information and previous findings. You can integrate with Burp for more custom testing.

Despite the setbacks after HP acquisition, their development team keeps up with security updates.

The bad side is that the architecture is complex, and consumes a lot of computing resources.

No a tool for kiddies.

★★★ Google

Good scanner, but price is to high so we use acunetix

★★★★ Andrea Bodei

I tried all software above and WebInspect finds more vulnerabilities than any other. The price is very high so anyway We moved to Acunetix.

★★ Steve

The only reason I didn't give this a lower score is because it served a purpose for a long time. Then HP bought them out and like everything they touch the support went downhill. We switched to Acunetix.

Comments disabled

Feed for updates.