[Owasp-board] When do we start? QA

johanna curiel curiel johanna.curiel at owasp.org
Thu Jun 5 18:48:31 UTC 2014


What do we need from Checkmarx? A license to scan OWASP projects?

yes indeed, to execute code analysis


On Thu, Jun 5, 2014 at 2:39 PM, Dinis Cruz <dinis.cruz at owasp.org> wrote:

> I'm working directly with Checkmarx and meet with Maty last month at
> infosec (we are integrating TeamMentor with Checkmarx).
>
> What do we need from Checkmarx? A license to scan OWASP projects?
> On 5 Jun 2014 15:16, "johanna curiel curiel" <johanna.curiel at owasp.org>
> wrote:
>
>> Hi Carlos,
>>
>> I agree with you totally. I think we need to analyze which tools can be
>> actually be ported to SWAMP and which not since SWAP is relative new and
>> only supports a C,C++, and Java code/package tools using a C/C++ build
>> script on Linux/Unix OS.
>>
>> We need to create a transition plan because SWAP can benefit OWaSP tools
>> in many ways , however , we need to make sure that we can actually set
>> tools with the correct code/scripts ready for code analysis in SWAMP
>> environment.
>>
>> regards
>>
>> Johanna
>>
>>
>> On Thu, Jun 5, 2014 at 10:05 AM, Carlos Allendes <
>> carlos.allendes at owasp.org> wrote:
>>
>>> Johanna and Sarah
>>>
>>> I was reviewing the SWAMP features, and I think that still is not ready
>>> for what we need, on the other hand, there are several tools that if could.
>>> my suggestion for code analysis, is  www.checkmarx.com,  because
>>> support 18 kinds of source-code, is very user friendly and which Cx is also
>>> an active member of OWASP.
>>> (This is just my suggestion, but if someone would like to propose
>>> another tool, I'm all eyes... )
>>>
>>>
>>> I'm asking now to Maty Siman (CTO and founder of Cx) for support and
>>> tool acces for our initiative.
>>>
>>> But may be  a good idea if  Sarah can help us to make he first contact.
>>> Can you Sarah?
>>>   I'll send you my previous mail to M.Simon  in the case of...
>>>
>>>
>>> Regards!
>>>
>>>
>>> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>>> Languages supported by Cx
>>> Java, C# / .NET, PHP, C, C++, Visual Basic 6.0, VB .NET, Flash, APEX,
>>> Ruby, Javascript, ASP, Perl, Android, Objective C, PL/SQL, HTML5.
>>> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>>>
>>> ----------
>>> Carlos Allendes Droguett
>>> OWASP Chile, chapter leader
>>> e-Mail: carlos.allendes at owasp.org
>>> skype: carlos_allendes_droguett
>>>
>>> Mailing list:  http://goo.gl/LBELa
>>> Webpage :  http://goo.gl/9wuFX
>>>
>>>   ** In God we trust. All others must bring data. **
>>> ----------
>>>
>>>
>>>
>>>
>>  --
>> You received this message because you are subscribed to the Google Groups
>> "OWASP Projects Task Force" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to owasp-projects-task-force+unsubscribe at googlegroups.com.
>> For more options, visit https://groups.google.com/d/optout.
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-board/attachments/20140605/3ca5b5e5/attachment.html>


More information about the Owasp-board mailing list