Secure Coding mailing list archives
Java Open Review Project
From: brian at fortifysoftware.com (Brian Chess)
Date: Mon, 11 Dec 2006 22:09:59 -0800
Hello all,

I'm pleased to announce that we've just launched the Java Open Review Project (http://opensource.fortifysoftware.com). We're reviewing open source Java code all the way from Tomcat down to PetStore looking for bugs and security vulnerabilities. We're using two static analysis tools to do the heavy lifting: FindBugs and Fortify SCA. We can use plenty of human eyes to help sort through the results. We're also soliciting ideas for which projects we should be reviewing next. Please help!

Brian