Fortify has graciously donated these vulnerability writeups to OWASP, where they will be maintained wikipedia-style. We have a strong team of reviewers in place to review all changes daily. There are a total of almost 500 vulnerabilities now, from Fortify, CLASP, and many other sources. We're creating an interlinked knowledgebase of common application security principles, threats, attacks, vulnerabilities, and countermeasures. Anyone can participate, so come help us out.
http://www.owasp.org/index.php/Category:OWASP_Honeycomb_Project --Jeff -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Gergely Buday Sent: Wednesday, August 09, 2006 10:08 AM To: Secure Coding Subject: [***SPAM (header)***] - Re: [SC-L] A New Open Source Approach to Weakness - Email found in subject On 09/08/06, Kenneth Van Wyk <[EMAIL PROTECTED]> wrote: > > FYI, here's an article about Fortify's pernicious kingdom taxonomy of common > coding defects that I thought would be of interest here: > > http://www.internetnews.com/dev-news/article.php/3623751 The link to the original paper is: http://vulncat.fortifysoftware.com/docs/tcm_taxonomy_submission.pdf Cheers - Gergely _______________________________________________ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php _______________________________________________ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php
