Software Security Assessment Tool Review
From OWASP
Revision as of 19:08, 16 February 2012 by M. Buchanan (talk | contribs)
Product | |
Description | |
URL | |
Supported Languages | |
Supported Platforms Where Tool Runs | |
Supported Platform Where Target Resides | |
Supported Compilers | |
Can Tool be used Remotely? | |
Finds or Checks for: (Tool Category) | |
Lifecycle Position(s) | |
Scalability (Ability to scan up to 1,000,000 LOC?) | |
Ability to Identify Comments in Code | |
Ability to Discover Debug Code | |
Ability to Discover Unused Code | |
Tool uses CWE Definitions of Vulnerabilities | |
Frequency of Rule Base Updates by Tool Provider | |
Ability of Testers to Modify Existing Rule Bases | |
Ability of Testers to Add New Rule Bases | |
Ability to provide suggestions for mitigating vulnerabilities (Remediation). If able, is it Active or Passive? | |
Cost (Hourly/Flat Fee) [AVAILABILITY] | |
Licensing | |
Vendor Technical Support | |
Vendor Services / Professional services support | |
Required training or experience level to operate | |
Vendor provided (or 3rd party provided) training available | |
Comments | |