This is a problem of misaligned incentives: if you are making a security scanner, the last thing you want to do is miss a vulnerability. The result is many false positives.
Alternatively, companies aren’t willing to pay for an automated security scanner that attempts to exploit potential vulnerabilities, for fear of what it might do to their systems.
fsociety|2 years ago
didntcheck|2 years ago