[Owasp-leaders] [balint:6040] Access to SAST tooling
dibyendu.coder at gmail.com
Fri Oct 27 14:24:22 UTC 2017
Have a look at Coverity ! Free for open source projects ......
On Fri, Oct 27, 2017 at 7:43 PM, Mike Goodwin <mike.goodwin at owasp.org>
> Thanks for the suggestion Timur.
> I looked at SonarQube but it only lists 9 rules explicitly as
> only (e.g. "LocalStorage should not be used"). My app is and Angular SPA
> with a node.js backend so I would like a tool that will give me some good
> coverage of both the client and server side if possible.
> Best regards,
> On 27 October 2017 at 12:44, Timur 'x' Khrotko [owasp] <timur at owasp.org>
>> The big and ridiculously overpriced tools not always better ;)
>> On Fri, 27 Oct 2017 at 13:23, Mike Goodwin <mike.goodwin at owasp.org>
>>> Hello all,
>>> I'm interested in building static code scanning into my OWASP tool
>>> project <https://www.owasp.org/index.php/OWASP_Threat_Dragon> but they
>>> are pretty expensive. Does OWASP have any organisation-wide license for a
>>> tool to do this? Or a subscription to an online service?
>>> Best regards,
>>> *Mike Goodwin*
>>> OWASP Newcastle UK Chapter Leader
>>> OWASP Threat Dragon Project Leader
>>> This message may contain confidential information - you should handle it
>>> OWASP-Leaders mailing list
>>> OWASP-Leaders at lists.owasp.org
>> secmachine․net #wepowersecdev
> *Mike Goodwin*
> OWASP Newcastle UK Chapter Leader
> OWASP Threat Dragon Project Leader
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
*Thanks and Regards,*
*OWASP Project Leader *
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the OWASP-Leaders