[SC-L] Java Open Review Project
Brian Chess
brian at fortifysoftware.com
Tue Dec 12 01:09:59 EST 2006
Hello all, I'm pleased to announce that we've just launched the Java Open
Review Project (http://opensource.fortifysoftware.com). We're reviewing
open source Java code all the way from Tomcat down to PetStore looking for
bugs and security vulnerabilities. We're using two static analysis tools to
do the heavy lifting: FindBugs and Fortify SCA. We can use plenty of human
eyes to help sort through the results. We're also soliciting ideas for
which projects we should be reviewing next. Please help!
Brian
More information about the SC-L
mailing list