Difference between revisions of "SSATR Template"

Latest revision as of 21:57, 17 February 2012

Copy and paste this code into the Software Security Assessment Tool Review project page.

**APPENDIX A: TOOL MATRIX TEMPLATE**
Product
Description
URL
Supported Languages
Supported Platforms Where Tool Runs
Supported Platform Where Target Resides
Supported Compilers
Can Tool be used Remotely?
Finds or Checks for: (Tool Category)
Lifecycle Position(s)
Scalability (Ability to scan up to 1,000,000 LOC?)
Ability to Identify Comments in Code
Ability to Discover Debug Code
Ability to Discover Unused Code
Tool uses CWE Definitions of Vulnerabilities
Frequency of Rule Base Updates by Tool Provider
Ability of Testers to Modify Existing Rule Bases
Ability of Testers to Add New Rule Bases
Ability to provide suggestions for mitigating vulnerabilities (Remediation). If able, is it Active or Passive?
Cost (Hourly/ Flat Fee) [AVAILABILITY]
Licensing
Vendor Technical Support
Vendor Services / Professional services support
Required training or experience level to operate
Vendor provided (or 3rd party provided) training available
Comments

@@ Line 1: / Line 1: @@
 ==Directions==
-Use this template to add another Software Security Assessment Tool to the [['''Software Security Assessment Tool Review]]'''
+Copy and paste this code into the '''[[Software Security Assessment Tool Review]]''' project page.
+==Appendix A-'''ENTER THE NEXT SEQUENTIAL NUMBER FOR YOUR NEW TOOL''': '''ENTER THE NEW TOOL TITLE'''==
 {| width="80%" border="2" cellspacing="2" cellpadding="2"
 |+ '''APPENDIX A: TOOL MATRIX TEMPLATE'''