![The OWASP Podcast Series artwork](https://is5-ssl.mzstatic.com/image/thumb/Podcasts/v4/08/7e/37/087e3712-f795-6edd-a1d9-a75f35187704/mza_8089725047110589537.jpg/100x100bb.jpg)
OWASP Benchmark Project w/ Dave Wichers
The OWASP Podcast Series
English - September 30, 2015 15:51 - 14 minutes - 13.6 MB - ★★★★★ - 23 ratingsTechnology Homepage Download Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
Previous Episode: OWASP Security Shepherd Project w/ Mark Denihan and Paul McCann
There's been a lot of discussion around the OWASP Benchmark Project since it's latest release. Jeff Williams wrote an article and then received a response from Chris Wysopal at Veracode. I was able to catch up with Dave Wichers, OWASP Project Lead, during AppSecUSA 2015 in San Francisco. I had Dave talk me through the project and what its intentions are.
Resources:
OWASP Benchmark Project
https://www.owasp.org/index.php/Benchmark
Why it's Insane to Trust Static Analysis
http://www.darkreading.com/vulnerabilities---threats/why-its-insane-to-trust-static-analysis/a/d-id/1322274?
No One Technology is a Silver Bullet
https://www.veracode.com/blog/2015/09/no-one-technology-silver-bullet