by eValid » Thu Dec 05, 2013 4:20 pm
Yes, it is true that many potential vulnerabilities can be found by analyzing the pre-downloaded content that exists in various forms on your website.
The main advantage of the eValid approach, which performs the analysis entirely on what IS actually downloaded to a client user, is that the analysis process does not have the possibility to be confused by any OTHER information than what an actual client user will see.
While it is true that if your server get's hacked, a bad guy may be able to overcome security on your site from the server side, it is also true that the MAJORITY of attacks are originated from what is sent out to clients.
One other advantage: eValid can emulate/simulate/imitate ANY type of client...so a vulnerability that is not evident when your server is deliverying HTML to an IE/FireFox/Safari/Chrom browser may be evident when that same server is producing HTML for an iPhone or iPat or some other such non-PC device.
__________________
eValid Support