[SC-L] Dr. Dobb's | The Truth About Software Security | January 20, 2007

[ljknews]

At 5:24 AM -0500 1/30/07, Kenneth Van Wyk wrote:

> Any SC-Lers have any first-hand experience with Veracode that they're
> willing to share here?

In particular, www.veracode.com says very little about what ISPs they
will process.  It also implies their analysis is centered around "the
Common Weakness Enumeration (CWE) from MITRE and the Common Vulnerability
Scoring System (CVSS) from FIRST".  That might mean they are centered on
Internet issues.
-- 
Larry Kilgallen