Quote-Veracode Provides Visibility into Their Verification Process for the OWASP Top 10

From OWASP
Revision as of 02:01, 4 August 2010 by Jeff Williams (Talk | contribs)

Jump to: navigation, search

Background

This quote is part of the OWASP Quotes Project. You can find all the rules about OWASP quotes and the process for producing them on the Quotes homepage. Please enter comments and suggestions for alternative language on the Discussion Page

Date Drafted: July 28, 2010

Date Approved: TBD

Status: Under discussion. Targeted for August 4, 2010.


Quote

If you use this quote, we ask that you use it in its entirety, include a link to the official quote, and include a notice that OWASP does not endorse or recommend any company, product, or service.

WARNING: This quote is a draft and has not been approved for use!



Quote:The OWASP Foundation is pleased to see Veracode using the OWASP Top 10 application security risks. Managing application security requires real visibility into exactly what has been verified and what has not. Veracode’s transparency around their combination of manual and automated verification techniques stands in stark contrast to those product vendors that wrongly and dangerously assert complete automated coverage and compliance with the Top 10.
Source:Official Quote
Disclaimer:OWASP does not endorse or recommend any company, product, or service.
About:The Open Web Application Security Project (OWASP) is a 501c3 not-for-profit worldwide charitable organization focused on improving the security of application software. Our mission is to make application security visible, so that people and organizations can make informed decisions about true application security risks. Everyone is free to participate in OWASP and all of our materials are available under a free and open software license.