My organization doesn't have the kind of budget needed to thoroughly check our Web applications for security flaws, but I've seen that one vendor is launching a free service that promises to scan for Web application vulnerabilities. Are free services going to be enough to help us assess our Web applications, or is more needed?