
Secure Code Review: Enterprise Metrics



Registration | Hotel | Walter E. Washington Convention Center

The presentation

Developers in large organizations are experiencing a move toward more holistic, centralized management of application source code and of its review and reporting for vulnerabilities. This presentation covers vulnerability statistics collected at various programming milestones for a range of applications from an enterprise-wide application development portfolio. Application vulnerabilities detected using automated source code analysis tools were stored in a centralized database and reported back to developers and management with the intent of managing risk at an enterprise level. Reports aligned vulnerability classes to the OWASP Top 10. The centralized view of source code vulnerability metrics is shown to drive an enterprise approach to developing standardized security APIs throughout the SDLC.

The speaker

Speaker bio will be posted shortly.