Quote-Veracode Provides Visibility into Their Verification Process for the OWASP Top 10

From OWASP
Jump to: navigation, search

Background

This quote is part of the OWASP Quotes Project. You can find all the rules about OWASP quotes and the process for producing them on the Quotes homepage. Please enter comments and suggestions for alternative language on the Discussion Page

Date Drafted: July 28, 2010

Date Approved: August 4, 2010

Status: Issued
References: http://www.veracode.com/content/view/1199/38


Quote

If you use this quote, we ask that you use it in its entirety, include a link to the official quote, and include a notice that OWASP does not endorse or recommend any company, product, or service.



Quote:The OWASP Foundation is pleased to see Veracode using the OWASP Top 10 application security risks. Managing application security requires real visibility into exactly what has been verified and what has not. Veracode’s transparency around their combination of manual and automated verification techniques stands in stark contrast to those product vendors that wrongly and dangerously assert complete automated coverage and compliance with the Top 10.
Source:Official Quote
Disclaimer:OWASP does not endorse or recommend any company, product, or service.
About:The Open Web Application Security Project (OWASP) is a 501c3 not-for-profit worldwide charitable organization focused on improving the security of application software. Our mission is to make application security visible, so that people and organizations can make informed decisions about true application security risks. Everyone is free to participate in OWASP and all of our materials are available under a free and open software license.