Partnering is not the same thing as having a single owner for both
tools. I also believe WhiteHat is "hire them and they do it" model,
though they do put hardware in your enterprise. IIRC, you could not
do all the work yourself if you had whatever components they provided.
I don't think
ntion to the needs of secure code.
-Original Message-
From: sc-l-boun...@securecoding.org
[mailto:sc-l-boun...@securecoding.org] On Behalf Of Brad Andrews
Sent: Tuesday, July 28, 2009 5:03 PM
To: sc-l@securecoding.org
Subject: [SC-L] Integrated Dynamic and Static Scanning
Partnering is no
While I completely agree with this statement, it is a much tougher
sell to management that is seeking to keep the company making money
(or perhaps even alive). I believe that having (and using) an
imperfect tool is better than nothing, so I would at least push for
that. Getting things
That is certainly true. I was just commenting on the issue of systems
that work together tightly. None do now (as far as I know), but this
should potentially allow that to happen.
I did here a few moans when this news came out, since IBM is not known
for inexpensiveness from what I hear
e either.
One thing for ISV's is sure however: the cost of buying your way into the dev
space just went up.
-Original Message-
From: sc-l-boun...@securecoding.org [mailto:sc-l-boun...@securecoding.org] On
Behalf Of Brad Andrews
Sent: Tuesday, July 28, 2009 5:03 PM
To:
Hey all,
I've been monitoring this thread [1] and some excellent points have
been raised (cross-posting to websecurity as the subject matter
applies). I'm personally very interested in the potential benefits of
an integration between dynamic and static analysis scanning
technology. The sp
,
-Ben
-Original Message-
From: sc-l-boun...@securecoding.org [mailto:sc-l-boun...@securecoding.org] On
Behalf Of Jeremiah Grossman
Sent: Thursday, August 06, 2009 4:30 PM
To: sc-l@securecoding.org; websecur...@webappsec.org
Subject: Re: [SC-L] Integrated Dynamic and Static Scanning
Hey all