There seems to be an abundant number of vulnerability scanners out there for web applications and I'm wondering of the market potential left for new vulnerability scanners with some differentiation (not so much on the technology side)?<p>Thanks for your input fellow hackers
There are a lot, and it is possible that new ones can make inroads.<p>But there are a number of good open source or free vulnerability scanners. Skipfish from lcamtuf is extremely fast. Burp from Portswigger, which seems to do very well in head-to-head comparisons has a free version. It is very actively developed and has a very large feature set.<p>Here is a comparison chart of scanners: <a href="http://www.sectoolmarket.com/price-and-feature-comparison-of-web-application-scanners-unified-list.html" rel="nofollow">http://www.sectoolmarket.com/price-and-feature-comparison-of...</a><p>A lot of thought would have to go into what features does the market feel are missing, and how difficult is it go get the coverage needed.