SAMATE – NIST Software Assurance

SAMATE contains guidelines for the identification, enhancement and development of software assurance tools.

Sample web application scanner specifications, as specified by SAMATE, are listed below:

WA-RM-1: Identify all of the types of vulnerabilities listed in Annex A.

WA-RM-2: Report an attack that demonstrates the vulnerability.

WA-RM-3: Specify the attack by providing script location, inputs, and context.

WA-RM-4: Identify the vulnerability with a name semantically equivalent to those in Annex A.

WA-RM-5: Be able to authenticate itself to the application and maintain logged-in state.

WA-RM-6: Have an acceptably low false positive rate.


About wikihead

A Seeker. Information Security Professional, Pursuing Life with Ayurveda.
This entry was posted in Articles, Security Management.
