Although WebInspect is easily managed and the dashboard presents an easy-to-understand view of your scan, the real power lies within the dynamic and robust scanning engine. WebInspect boasts full support for Web 2.0 architectures and includes scanning for AJAX, SOAP and Flash.
Many other products also test similar architectures, but the vulnerabilities WebInspect can uncover were evident in our testing and the product performs exceptionally. We found the profiling optimisation a nice feature that allows a user to take advantage of recommended settings before scans are executed.
The product comes with several useful tools, as well as a compliance and policy management editor for enhanced customisation. Macro and replay-based scanning options are also helpful.
Documentation contains an adequate blend of text and screenshots. Reports are solid and cover many useful categories. However, both the HP and SPI Dynamics support site contain statements that unifying support is still in progress. Most support and product information is contained within the old SPI Dynamics site.
Pricing for HP WebInspect 7.7 starts at US$25,000. Standard support is included with the product and 24/7 support is available for additional cost. We would consider the price of the product to be high given that many of its peers provide similar feature sets for lower cost.
For: Powerful scanning engine, robust set of features that continue to evolve
Against: High price for not having true enterprise capabilities out of the box
Verdict: A top product with an extensive set of features and configuration options