WebApp Sec mailing list archives
Fortify Source Code Auditing Suite and the like
From: spammailme () gmail com
Date: 17 Feb 2006 16:36:09 -0000
All - I am looking for feedback as to the 'real world' use of Fortify SCA tool. It states it performs automated 'white box' code reviews and from a demo it does the job pretty pretty quick. The company states it detects security vulns (yet it seems alot are quality findings). Q: Can anyone provide positive or negagtive expirences using this tool or like tool for JAVA based apps. Q: Can any of you provide rollout suggestions/strategies that worked for you? Thanks, SomePlaceInCanada-ehhh ------------------------------------------------------------------------- This List Sponsored by: SpiDynamics ALERT: "How A Hacker Launches A Web Application Attack!" Step-by-Step - SPI Dynamics White Paper Learn how to defend against Web Application Attacks with real-world examples of recent hacking methods such as: SQL Injection, Cross Site Scripting and Parameter Manipulation https://download.spidynamics.com/1/ad/web.asp?Campaign_ID=701300000003gRl --------------------------------------------------------------------------
Current thread:
- Fortify Source Code Auditing Suite and the like spammailme (Feb 17)
- Re: Fortify Source Code Auditing Suite and the like Dhruv Soi (Feb 17)