<html><head><meta http-equiv="content-type" content="text/html; charset=utf-8"></head><body dir="auto"><div>This is a free, proprietary cloud scanner for apps hosted via the •Google App Engine• only.... fairly limited.</div><div><br></div><div>Good to see them citing good sources. :)</div><div><br></div><div>Aloha,<br><div>--</div><div>Jim Manico</div><div><div apple-content-edited="true" class=""><div class="" style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;"><div class=""><span style="background-color: rgba(255, 255, 255, 0);">Global Board Member</span></div><span style="background-color: rgba(255, 255, 255, 0);">OWASP Foundation</span><div class=""><a href="https://www.owasp.org/" class="" style="background-color: rgba(255, 255, 255, 0);"><font color="#000000">https://www.owasp.org</font></a></div></div></div><div class=""><span style="background-color: rgba(255, 255, 255, 0);">Join me at <a href="http://appsecusa.org/" target="_blank" class="">AppSecUSA</a> 2015!</span></div></div></div><div><br>On Aug 13, 2015, at 4:24 AM, Noreen Whysel <<a href="mailto:noreen.whysel@owasp.org">noreen.whysel@owasp.org</a>> wrote:<br><br></div><blockquote type="cite"><div><div dir="ltr">From <a href="https://cloud.google.com/security-scanner">https://cloud.google.com/security-scanner</a>:<div><br></div><div><img src="cid:ii_idaaqy5j0_14f277222a2c2881" width="472" height="110"><br>​<br></div></div><div class="gmail_extra"><br clear="all"><div><div class="gmail_signature"><div dir="ltr"><div>Noreen Whysel</div><div>Community Manager</div><div>OWASP Foundation</div></div></div></div>
<br><div class="gmail_quote">On Thu, Aug 13, 2015 at 10:01 AM, Azzeddine Ramrami <span dir="ltr"><<a href="mailto:azzeddine.ramrami@owasp.org" target="_blank">azzeddine.ramrami@owasp.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div><div><span class=""><div>No they don't refer to OWASP TOP 10.<br></div>More information in this article:<br><br></span><a href="http://www.computerworld.com/article/2886386/google-cloud-offers-security-scanning-for-customer-apps.html" target="_blank">http://www.computerworld.com/article/2886386/google-cloud-offers-security-scanning-for-customer-apps.html</a><br><br></div>For me it is a beta version, not really accurate. The best way is to use known scanning techniques for Cloud Services.<span class="HOEnZb"><font color="#888888"><br></font></span></div><span class="HOEnZb"><font color="#888888">Azzeddine</font></span><div><div class="h5"><br><div><div><div class="gmail_extra"><br><div class="gmail_quote">On Thu, Aug 13, 2015 at 4:00 PM, Azzeddine Ramrami <span dir="ltr"><<a href="mailto:azzeddine.ramrami@owasp.org" target="_blank">azzeddine.ramrami@owasp.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div>No they don't refer to OWASP TOP 10.<br></div>More information in this article:<br><br></div><div class="gmail_extra"><div><div><br><div class="gmail_quote">On Thu, Aug 13, 2015 at 3:53 PM, Noreen Whysel <span dir="ltr"><<a href="mailto:noreen.whysel@owasp.org" target="_blank">noreen.whysel@owasp.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Wow. They refer to the OWASP Top Ten to learn more about security. I supposed they must have based their scan on the Top Ten?</div><div class="gmail_extra"><br clear="all"><div><div><div dir="ltr"><div>Noreen Whysel</div><div>Community Manager</div><div>OWASP Foundation</div></div></div></div>
<br><div class="gmail_quote"><div><div>On Thu, Aug 13, 2015 at 9:38 AM, Fabio Cerullo <span dir="ltr"><<a href="mailto:fcerullo@owasp.org" target="_blank">fcerullo@owasp.org</a>></span> wrote:<br></div></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div><div><div style="word-wrap:break-word">Just came across this:<div><br></div><div><a href="https://cloud.google.com/security-scanner" target="_blank">https://cloud.google.com/security-scanner</a></div><div><br></div><div>Has anyone used it?</div><div><br></div><div>Thanks,</div><div><br></div><div><br><div>
<div style="color:rgb(0,0,0);letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;word-wrap:break-word"><div style="color:rgb(0,0,0);letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;word-wrap:break-word"><div>Fabio Cerullo</div><div>Global Board Member</div>OWASP Foundation<div><a href="https://www.owasp.org" target="_blank">https://www.owasp.org</a></div><div>Join me at <a href="https://2015.appsecusa.org" target="_blank">AppSecUSA 2015</a> in San Francisco!</div></div></div>
</div>

<br></div></div><br></div></div>_______________________________________________<br>
OWASP-Leaders mailing list<br>
<a href="mailto:OWASP-Leaders@lists.owasp.org" target="_blank">OWASP-Leaders@lists.owasp.org</a><br>
<a href="https://lists.owasp.org/mailman/listinfo/owasp-leaders" rel="noreferrer" target="_blank">https://lists.owasp.org/mailman/listinfo/owasp-leaders</a><br>
<br></blockquote></div><br></div>
<br>_______________________________________________<br>
OWASP-Leaders mailing list<br>
<a href="mailto:OWASP-Leaders@lists.owasp.org" target="_blank">OWASP-Leaders@lists.owasp.org</a><br>
<a href="https://lists.owasp.org/mailman/listinfo/owasp-leaders" rel="noreferrer" target="_blank">https://lists.owasp.org/mailman/listinfo/owasp-leaders</a><br>
<br></blockquote></div><br><br clear="all"><br></div></div><span><font color="#888888">-- <br><div><div dir="ltr"><div>Azzeddine RAMRAMI<br> <a href="tel:%2B33%206%2065%2048%2090%2004" value="+33665489004" target="_blank">+33 6 65 48 90 04</a>.<br>Enterprise Security Architect<br>OWASP Leader (Morocco Chapter)<br></div>Mozilla Security Projects Mentor<br></div></div>
</font></span></div>
</blockquote></div><br><br clear="all"><br>-- <br><div><div dir="ltr"><div>Azzeddine RAMRAMI<br> <a href="tel:%2B33%206%2065%2048%2090%2004" value="+33665489004" target="_blank">+33 6 65 48 90 04</a>.<br>Enterprise Security Architect<br>OWASP Leader (Morocco Chapter)<br></div>Mozilla Security Projects Mentor<br></div></div>
</div></div></div></div></div></div>
</blockquote></div><br></div>
</div></blockquote><blockquote type="cite"><div><span>_______________________________________________</span><br><span>OWASP-Leaders mailing list</span><br><span><a href="mailto:OWASP-Leaders@lists.owasp.org">OWASP-Leaders@lists.owasp.org</a></span><br><span><a href="https://lists.owasp.org/mailman/listinfo/owasp-leaders">https://lists.owasp.org/mailman/listinfo/owasp-leaders</a></span><br></div></blockquote></body></html>