Secure Code Review: Enterprise Metrics

From OWASP
Revision as of 10:44, 17 September 2010 by Mark.bristow

The presentation

Developers in large organizations are experiencing a move toward more holistic, centralized management of application source code and of its review and reporting for vulnerabilities. This presentation covers vulnerability statistics collected at various programming milestones for a range of applications from an enterprise-wide application development portfolio. Application vulnerabilities detected using automated source code analysis tools were stored in a centralized database and reported back to developers and management with the intent of managing risk at an enterprise level. Reports aligned vulnerability classes to the OWASP Top 10. The centralized view of source code vulnerability metrics is shown to drive an enterprise approach to developing standardized security APIs throughout the SDLC.

The speaker

Speaker bio will be posted shortly.