[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] Penetration testing will be dead by 2009 - Mr. Chess

To: "Simon Smith" <simon@xxxxxxxxxxx>
Subject: Re: [Full-disclosure] Penetration testing will be dead by 2009 - Mr. Chess
From: "James Matthews" <nytrokiss@xxxxxxxxx>
Date: Wed, 31 Dec 2008 08:34:12 +0200

I wish! Fortify software has been tested against many open source projects
and reported a bunch of false positives. Yes i know they are working to
improve the software.... However i still hold that fuzzing will show you
some issues that this software cannot.

James

On Tue, Dec 30, 2008 at 8:16 PM, Simon Smith <simon@xxxxxxxxxxx> wrote:

>
>
> http://snosoft.blogspot.com/2008/12/brian-chess-cto-of-fortify-software.html
>
>
>        Simon Smith
>        simon@xxxxxxxxxxx
>         --------------------------------------
>
>        Subscribe to our blog
>         http://snosoft.blogspot.com
>
>
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>

-- 
http://www.goldwatches.com/

http://www.jewelerslounge.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] Penetration testing will be dead by 2009 - Mr. Chess
  - From: Jared DeMott

Prev by Date: Re: [Full-disclosure] Creating a rogue CA certificate
Next by Date: Re: [Full-disclosure] Creating a rogue CA certificate
Previous by thread: Re: [Full-disclosure] Creating a rogue CA certificate
Next by thread: Re: [Full-disclosure] Penetration testing will be dead by 2009 - Mr. Chess
Index(es):
- Date
- Thread