Quote-Veracode Provides Visibility into Their Verification Process for the OWASP Top 10
This quote is part of the OWASP Quotes Project. You can find all the rules about OWASP quotes and the process for producing them on the Quotes homepage. Please enter comments and suggestions for alternative language on the Discussion Page
Date Drafted: July 28, 2010 Date Approved: August 4, 2010 Status: Issued
If you use this quote, we ask that you use it in its entirety, include a link to the official quote, and include a notice that OWASP does not endorse or recommend any company, product, or service.
|Quote:||The OWASP Foundation is pleased to see Veracode using the OWASP Top 10 application security risks. Managing application security requires real visibility into exactly what has been verified and what has not. Veracode’s transparency around their combination of manual and automated verification techniques stands in stark contrast to those product vendors that wrongly and dangerously assert complete automated coverage and compliance with the Top 10.|
|Disclaimer:||OWASP does not endorse or recommend any company, product, or service.|
|About:||The Open Web Application Security Project (OWASP) is a 501c3 not-for-profit worldwide charitable organization focused on improving the security of application software. Our mission is to make application security visible, so that people and organizations can make informed decisions about true application security risks. Everyone is free to participate in OWASP and all of our materials are available under a free and open software license.|