Quote-Veracode Provides Visibility into Their Verification Process for the OWASP Top 10
This quote is part of the OWASP Quotes Project. You can find all the rules about OWASP quotes and the process for producing them on the Quotes homepage. Please enter comments and suggestions for alternative language on the Discussion Page
Date Drafted: July 28, 2010 Date Approved: TBD Status: Under discussion. Targeted for August 4, 2010.
If you use this quote, we ask that you use it in its entirety, include a link to the official quote, and include a notice that OWASP does not endorse or recommend any company, product, or service.
WARNING: This quote is a draft and has not been approved for use!
|Quote:||The OWASP Foundation is pleased to see Veracode using the OWASP Top 10 application security risks. Managing application security requires real visibility into exactly what has been verified and what has not. Veracode’s transparency around their combination of manual and automated verification techniques stands in stark contrast to those product vendors that wrongly and dangerously assert complete automated coverage and compliance with the Top 10.|
|Disclaimer:||OWASP does not endorse or recommend any company, product, or service.|
|About:||The Open Web Application Security Project (OWASP) is a 501c3 not-for-profit worldwide charitable organization focused on improving the security of application software. Our mission is to make application security visible, so that people and organizations can make informed decisions about true application security risks. Everyone is free to participate in OWASP and all of our materials are available under a free and open software license.|