[Owasp-o2-platform] Why doesn't SAST have better Framework support (for example Spring MVC)?

Dennis Groves dennis.groves at owasp.org
Tue Oct 25 18:50:03 EDT 2011


Looks like formal methods leave us with several of the very same critical
issues we currently have at the application layer. But it does manage to
chew on the problem fairly impressively.


-- 
Dennis Groves <http://about.me/dennis.groves>, MSc
dennis.groves at owasp.org

 <http://www.owasp.org/>



On Tue, Oct 25, 2011 at 10:09 PM, Eoin <eoin.keary at owasp.org> wrote:

> And the pivotal question becomes does it really represent a competitive
> advantage sufficient to justify the necessary investment to achieve that
> subset?
>
> - it is if the system being assessed is of significant
> importance/criticality , in the real sense of the word.
>
>
>
>
> On 25 Oct 2011, at 21:56, Dennis Groves <dennis.groves at owasp.org> wrote:
>
> > And the pivotal question becomes does it really represent a competitive
> advantage sufficient to justify the necessary investment to achieve that
> subset?
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-o2-platform/attachments/20111025/8e0c1ddd/attachment-0001.html 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: CWEs Stopped by SPARK HCSS May 2011.pdf
Type: application/pdf
Size: 430621 bytes
Desc: not available
Url : https://lists.owasp.org/pipermail/owasp-o2-platform/attachments/20111025/8e0c1ddd/attachment-0001.pdf 


More information about the Owasp-o2-platform mailing list