[Owasp-leaders] [balint:6040] Access to SAST tooling
mike.goodwin at owasp.org
Fri Oct 27 14:13:55 UTC 2017
Thanks for the suggestion Timur.
I looked at SonarQube but it only lists 9 rules explicitly as
only (e.g. "LocalStorage should not be used"). My app is and Angular SPA
with a node.js backend so I would like a tool that will give me some good
coverage of both the client and server side if possible.
On 27 October 2017 at 12:44, Timur 'x' Khrotko [owasp] <timur at owasp.org>
> The big and ridiculously overpriced tools not always better ;)
> On Fri, 27 Oct 2017 at 13:23, Mike Goodwin <mike.goodwin at owasp.org> wrote:
>> Hello all,
>> I'm interested in building static code scanning into my OWASP tool
>> project <https://www.owasp.org/index.php/OWASP_Threat_Dragon> but they
>> are pretty expensive. Does OWASP have any organisation-wide license for a
>> tool to do this? Or a subscription to an online service?
>> Best regards,
>> *Mike Goodwin*
>> OWASP Newcastle UK Chapter Leader
>> OWASP Threat Dragon Project Leader
>> This message may contain confidential information - you should handle it
>> OWASP-Leaders mailing list
>> OWASP-Leaders at lists.owasp.org
> secmachine․net #wepowersecdev
OWASP Newcastle UK Chapter Leader
OWASP Threat Dragon Project Leader
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the OWASP-Leaders