Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



WebApp Sec: Fortify Source Code Auditing Suite and the like

Fortify Source Code Auditing Suite and the like

From: <spammailme_at_gmail.com>
Date: 17 Feb 2006 16:36:09 -0000
('binary' encoding is not supported, stored as-is) All -

I am looking for feedback as to the 'real world' use of Fortify SCA tool. It states it performs automated 'white box' code reviews and from a demo it does the job pretty pretty quick. The company states it detects security vulns (yet it seems alot are quality findings).

Q: Can anyone provide positive or negagtive expirences using this tool or like tool for JAVA based apps.

Q: Can any of you provide rollout suggestions/strategies that worked for you?

Thanks,

SomePlaceInCanada-ehhh

-------------------------------------------------------------------------
This List Sponsored by: SpiDynamics

ALERT: "How A Hacker Launches A Web Application Attack!"
Step-by-Step - SPI Dynamics White Paper
Learn how to defend against Web Application Attacks with real-world
examples of recent hacking methods such as: SQL Injection, Cross Site
Scripting and Parameter Manipulation

https://download.spidynamics.com/1/ad/web.asp?Campaign_ID=701300000003gRl
--------------------------------------------------------------------------
Received on Feb 17 2006

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]