[Owasp-webgoat] FW: Java Open Review Project
Jeff Williams
jeff.williams at owasp.org
Tue Dec 12 09:07:14 EST 2006
Hi,
Fortify software is using WebGoat to demonstrate the power of their source
code analysis platform. WebGoat is the 'demo' app that anyone can see.
It's fairly cool and shows some security holes I didn't know were there.
Interestingly, it also misses a bunch of the lessons. You should check it
out as the web interface is pretty cool.
There's a way to look at the flaws and comment on whether they're right or
not. The webgoat team has permission to update the pages. Our login is...
http://opensource.fortifysoftware.com
login: webgoat
passwd: getg0at
Check it out.
--Jeff
Jeff Williams, Chair
The OWASP Foundation
"Dedicated to finding and fighting the causes of insecure software"
More information about the Owasp-webgoat
mailing list