:41 PM
To: Matt Fisher
Cc: Kenneth Van Wyk; Secure Coding
Subject: Re: [SC-L] IBM Acquires Ounce Labs, Inc.
Right now, officially, I think that is about it. IBM, Veracode, and
AoD (in Germany) claims they have this too.
As Mattyson mentioned, Veracode only does static binary analysis
Arian J. Evans wrote...
The problem I had in the past with benchmarks was the huge degree of
customization in each application I would test. While patterns emerge
that are almost always automatable to some degree, the technologies
almost always require hand care-and-feeding to get them to an
-boun...@securecoding.org] On
Behalf Of Arian J. Evans
Sent: Tuesday, July 28, 2009 1:41 PM
To: Matt Fisher
Cc: Kenneth Van Wyk; Secure Coding
Subject: Re: [SC-L] IBM Acquires Ounce Labs, Inc.
Right now, officially, I think that is about it. IBM, Veracode, and
AoD (in Germany) claims they have
Great answer, John. I especially like your point about web.xml.
This goes dually for black-box testing. There would be a lot of
advantage to being able to get (and compare) these types of config
files today for dialing in BBB (Better Black Box vs. blind black box)
testing. I don't think anyone is
Wow indeed. Does that makes IBM the only vendor to offer both Static
and Dynamic software security testing/analysis capabilities?
Thanks Regards,
Prasad N. Shenoy
On Tue, Jul 28, 2009 at 10:19 AM, Kenneth Van Wykk...@krvw.com wrote:
Wow, big acquisition news in the static code analysis space
iirc but it clearly must
not haved had the share ounce does.
-Original Message-
From: Prasad Shenoy prasad.she...@gmail.com
Sent: July 28, 2009 12:22 PM
To: Kenneth Van Wyk k...@krvw.com
Cc: Secure Coding SC-L@securecoding.org
Subject: Re: [SC-L] IBM Acquires Ounce Labs, Inc
-
From: Prasad Shenoy prasad.she...@gmail.com
Sent: July 28, 2009 12:22 PM
To: Kenneth Van Wyk k...@krvw.com
Cc: Secure Coding SC-L@securecoding.org
Subject: Re: [SC-L] IBM Acquires Ounce Labs, Inc.
Wow indeed. Does that makes IBM the only vendor to offer both Static
and Dynamic software security
...@krvw.com
Cc: Secure Coding SC-L@securecoding.org
Subject: Re: [SC-L] IBM Acquires Ounce Labs, Inc.
Fortify (www.fortify.com) has Partnered with WhiteHat Security
(www.whitehatsec.com) too
Tom Brennan
Board Member - OWASP Foundation
Url: www.owasp.org | Tel: 973-202-0122
http://www.linkedin.com
, 28 Jul 2009 11:29:30
To: Prasad Shenoyprasad.she...@gmail.com; Kenneth Van Wykk...@krvw.com
Cc: Secure CodingSC-L@securecoding.org
Subject: Re: [SC-L] IBM Acquires Ounce Labs, Inc.
Pretty much. Hp /spi has integrations as well but I don't recall devinspect
ever being a big hit. Veracode does
as well iirc but it clearly must not haved had the share ounce does.
-Original Message-
From: Prasad Shenoy prasad.she...@gmail.com
Sent: July 28, 2009 12:22 PM
To: Kenneth Van Wyk k...@krvw.com
Cc: Secure Coding SC-L@securecoding.org
Subject: Re: [SC-L] IBM Acquires Ounce Labs, Inc.
Wow
At 8:39 AM -1000 7/28/09, Jim Manico wrote:
A quick note, in the Java world (obfuscation aside), the source and
binary is really the same thing. The fact that Fortify analizes
source and Veracode analizes class files is a fairly minor detail.
It seems to me that would only be true for
11 matches
Mail list logo