Web application attacks are very common and could lead to security breaches in an enterprise.  Web applications are vulnerable to malicious attacks either due to misconfigurations, poor coding or inherited vulnerabilities of the web platform and framework.  With the acquired web vulnerability scanning tool, WebInspect, we are able to scan the web applications to identify the vulnerabilities exposed to web-related attacks like SQL injection, cross-site scripting and remote file execution.  The scanner is able to crawl the website and deeply analyse the web structure, ensuring that each web page, input field and parameter is inspected.  The detected vulnerability result could then be passed back to the application team to perform corresponding code update or patch.