[Owasp-leaders] Legality of dynamic scanning
christian.heinrich at owasp.org
Thu Nov 3 20:10:28 EDT 2011
On Fri, Nov 4, 2011 at 6:19 AM, Keith Turpin <keith.turpin at owasp.org> wrote:
> Has anyone heard of anyone implementing a policy that would require the
> software vendor's authorization to due this type of testing?
Depends on the software license, i.e. "reverse engineering" is
prohibited, but a vendor may be willing to release this information
It is easier to negotiate this during procurement e.g.
More information about the OWASP-Leaders