[SC-L] Static Analysis Findings

I spent some time over the weekend looking at the Ounce Findings file (OZASMT) and wonder if the community at large should push Ounce, Fortify, Klocwork, Coverity, etc to come up with an interoperable XML-based way of exchanging findings?

Re: [SC-L] Static Analysis Findings

The OWASP O2 Platform (see http://www.owasp.org/index.php/OWASP_O2_Platformand http://www.o2-ounceopen.com/ ) already is able to import into its internal Findings format (defined by the C# interfaces IO2Finding and IO2Trace (see OWASP_O2_Platform/Docs/O2Findings_Schema