Secure Coding mailing list archives

Dr. Dobb's | The Truth About Software Security | January 20, 2007

From: ljknews at mac.com (ljknews)
Date: Tue, 30 Jan 2007 08:11:32 -0500

At 5:24 AM -0500 1/30/07, Kenneth Van Wyk wrote:

Any SC-Lers have any first-hand experience with Veracode that they're
willing to share here?


In particular, www.veracode.com says very little about what ISPs they
will process.  It also implies their analysis is centered around "the
Common Weakness Enumeration (CWE) from MITRE and the Common Vulnerability
Scoring System (CVSS) from FIRST".  That might mean they are centered on
Internet issues.
-- 
Larry Kilgallen

Current thread:

Dr. Dobb's | The Truth About Software Security | January 20, 2007 Kenneth Van Wyk (Jan 30)
- Dr. Dobb's | The Truth About Software Security | January 20, 2007 ljknews (Jan 30)
- Dr. Dobb's | The Truth About Software Security | January 20, 2007 Michael S Hines (Jan 30)
  - Dr. Dobb's | The Truth About Software Security | January 20, 2007 Gadi Evron (Jan 30)
  - Dr. Dobb's | The Truth About Software Security | January 20, 2007 der Mouse (Jan 30)
- Dr. Dobb's | The Truth About Software Security | January 20, 2007 Chris Wysopal (Jan 30)
  - Dr. Dobb's | The Truth About Software Security | January 20, 2007 mudge (Jan 30)