[Owasp-codereview] [Owasp-leaders] Automated Code Review in a distributed environment

Paolo Perego thesp0nge at gmail.com
Tue Mar 31 03:26:58 EDT 2009

2009/3/30 Jeff Williams <jeff.williams at owasp.org>:
> The Top 10 is really not specific enough to be a reasonable benchmark for
> any tool.  There is no tool in existence that can search everything covered
> by the T10, and probably never will be.  It would be much more interesting
> to see which of the issues specified in the OWASP ASVS
I agree.

A little OT.

Jeff, Leaders, List, I'd like to remind you of the project I started some
months ago: the Source code flaws Top 10.
A very original OWASP Top 10 "little sister", dedicated only to source code.
The idea is not to overlap with the Testing guide but to provide a
bunch (10) of categories to be used when collecting results after a
code review.

Ciao ciao

"stay hungry, stay foolish"

OWASP Orizon project, http://orizon.sourceforge.net
"enjoy your code review experience"
