I have been selling or supporting WebInspect for years. The one aggravating customer question I always hate, especially when it comes from our newly trained Sales reps, is "Can WebInspect handle my website?" As a preface, I will say that WebInspect is designed only for scanning web sites and web services, so if it uses the HTTP/S protocol, WebInspect is designed to attack it. Obviously the attack database has many specific or named vulnerabilities for due diligence, but the majority of the attacks do not care what the system's technology or brand is.
To help my Sales reps, I built the following graphic. I hope you enjoy it.
For those of you not in on the meme, let me introduce the Honey Badger (NSFW).
~~~~ Habeas Data