The OWASP Podcast Series artwork

OWASP Benchmark Project w/ Dave Wichers

The OWASP Podcast Series

English - September 30, 2015 15:51 - 14 minutes - 13.6 MB - ★★★★★ - 23 ratings
Technology Homepage Download Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
Previous Episode: OWASP Security Shepherd Project w/ Mark Denihan and Paul McCann
Next Episode: OWASP Application Security Verification Standard Project w/ Andrew van der Stock

There's been a lot of discussion around the OWASP Benchmark Project since it's latest release. Jeff Williams wrote an article and then received a response from Chris Wysopal at Veracode. I was able to catch up with Dave Wichers, OWASP Project Lead, during AppSecUSA 2015 in San Francisco. I had Dave talk me through the project and what its intentions are.

Resources:
OWASP Benchmark Project
https://www.owasp.org/index.php/Benchmark

Why it's Insane to Trust Static Analysis
http://www.darkreading.com/vulnerabilities---threats/why-its-insane-to-trust-static-analysis/a/d-id/1322274?

No One Technology is a Silver Bullet
https://www.veracode.com/blog/2015/09/no-one-technology-silver-bullet