Tools
Specialized web application security tools exist to discover vulnerabilities and misconfigurations, triage them, temporarily mitigate them, and manage the whole testing and fixing process. There are many classes of web security tools that cover different areas of the application lifecycle and different types of security testing. Knowing the intended use and limitations of each class of tools is crucial for building a toolchain that works best for your specific environment.
Here are the most important classes of web application security tools at a glance – see the full index for more: