Secure Coding mailing list archives

Previous By Date Next
Previous By Thread Next

A New Open Source Approach to Weakness

From: jeff.williams at aspectsecurity.com (Jeff Williams)
Date: Wed, 9 Aug 2006 11:50:23 -0400
Fortify has graciously donated these vulnerability writeups to OWASP,
where they will be maintained wikipedia-style.  We have a strong team of
reviewers in place to review all changes daily.  There are a total of
almost 500 vulnerabilities now, from Fortify, CLASP, and many other
sources.  We're creating an interlinked knowledgebase of common
application security principles, threats, attacks, vulnerabilities, and
countermeasures.  Anyone can participate, so come help us out.

http://www.owasp.org/index.php/Category:OWASP_Honeycomb_Project 

--Jeff
 
-----Original Message-----
From: sc-l-bounces at securecoding.org
[mailto:sc-l-bounces at securecoding.org] On Behalf Of Gergely Buday
Sent: Wednesday, August 09, 2006 10:08 AM
To: Secure Coding
Subject: [***SPAM (header)***] - Re: [SC-L] A New Open Source Approach
to Weakness - Email found in subject

On 09/08/06, Kenneth Van Wyk <ken at krvw.com> wrote:


FYI, here's an article about Fortify's pernicious kingdom taxonomy of

common

coding defects that I thought would be of interest here:

http://www.internetnews.com/dev-news/article.php/3623751


The link to the original paper is:

http://vulncat.fortifysoftware.com/docs/tcm_taxonomy_submission.pdf

Cheers

- Gergely
_______________________________________________
Secure Coding mailing list (SC-L)
SC-L at securecoding.org
List information, subscriptions, etc -
http://krvw.com/mailman/listinfo/sc-l
List charter available at - http://www.securecoding.org/list/charter.php
Previous By Date Next
Previous By Thread Next

Current thread: