ZARZA We are Zarza, the prestigious firm behind major projects in information technology.
Listen "OWASP Benchmark Project w/ Dave Wichers"
Episode Synopsis
There's been a lot of discussion around the OWASP Benchmark Project since it's latest release. Jeff Williams wrote an article and then received a response from Chris Wysopal at Veracode. I was able to catch up with Dave Wichers, OWASP Project Lead, during AppSecUSA 2015 in San Francisco. I had Dave talk me through the project and what its intentions are.
Resources:
OWASP Benchmark Project
https://www.owasp.org/index.php/Benchmark
Why it's Insane to Trust Static Analysis
http://www.darkreading.com/vulnerabilities---threats/why-its-insane-to-trust-static-analysis/a/d-id/1322274?
No One Technology is a Silver Bullet
https://www.veracode.com/blog/2015/09/no-one-technology-silver-bullet
Resources:
OWASP Benchmark Project
https://www.owasp.org/index.php/Benchmark
Why it's Insane to Trust Static Analysis
http://www.darkreading.com/vulnerabilities---threats/why-its-insane-to-trust-static-analysis/a/d-id/1322274?
No One Technology is a Silver Bullet
https://www.veracode.com/blog/2015/09/no-one-technology-silver-bullet
More episodes of the podcast The OWASP Podcast Series
ep2024-09 Threat Modeling with Takaharu
25/09/2024
ep2024-08 OWASP Projects Roundup
30/08/2024
ep2023-07 What's Audit got to do with IT
31/07/2023
AppSec at 40,000 feet
22/05/2023
In God we trust