I am reading this interesting document
provided by OWASP http://www.owasp.org , an "open source" security organization.
The dream was to find an intelligent PENETRATION (gasp!) test tool that find for you the security weaknesses of a Web Application (including Web Services).
See also http://en.wikipedia.org/wiki/Penetration_testing .
Anyway to quote the already quoted Gary McGraw,
“If you fail a penetration test you know you have a very bad problem indeed. If you pass a penetration test you do not know that you don’t have a very bad problem".
So, don't think that you are not PENETRABLE only because an AUTOMATED TOOL cannot PENETRATE you. Sorry but all this PENETRATION talks make me laugh. I am just Italian.
We shall cover later how to TEST your SECURITY. For a start never bend to pick up object that you dropped hahaha.