Difference between revisions of "Podcast 5"
Line 14: | Line 14: | ||
- What is static analysis good for and what is it no good for? | - What is static analysis good for and what is it no good for? | ||
- What is the exact relationship between Cigital and Fortify? | - What is the exact relationship between Cigital and Fortify? | ||
− | - Why do you think your “top 19” is any better than the OWASP top 10 or the CWE top 25? | + | - Why do you think your “top 19” is any better than the OWASP top 10 or the CWE top 25? |
- Why does Cigital have a proprietary approach to IP? | - Why does Cigital have a proprietary approach to IP? | ||
- What makes the Touchpoints any better than the SDL or CLASP? | - What makes the Touchpoints any better than the SDL or CLASP? |
Revision as of 23:00, 26 January 2009
Recorded January 15, 2009
- Listen Now owasp_podcast_5.mp3
Participants
- Gary McGraw is the CTO of Cigital.
- Jim Manico is a Web Application Architect and Security Engineer for Aspect Security.
Interview with Gary McGraw
- Why do you insist on use of the term “software security” as opposed to “application security”?
- What is static analysis good for and what is it no good for?
- What is the exact relationship between Cigital and Fortify?
- Why do you think your “top 19” is any better than the OWASP top 10 or the CWE top 25?
- Why does Cigital have a proprietary approach to IP?
- What makes the Touchpoints any better than the SDL or CLASP?
- What is your relationship with Alan Paller and SANS?
- Who picked the “porn music” theme for Silver Bullet?
Intro Music by Rhine Singleton and Gary McGraw
- Song "To You Right Now" from the album 100 Feet Above the Ground
- Guitar and vocals: Rhine Singleton
- Mandolin, fiddle, and vocals: Gary McGraw
- Produced by Gary McGraw