Febins Absent Member.
Absent Member.

OWASP TOP 2013 policy is available in Webinspect

Is anyone know OWASP TOP 2013 policy is available in webinspect latest version (10.1) ? To my knowledge , OWASP TOP 2010 is the latest available in webisnpect.


Does any one know , when webinspect included OWASP TOP 2013 in the policy? If HP included this it would be an added advantange to us ; easy selection of policy.

Labels (1)
1 Reply
Micro Focus Expert
Micro Focus Expert

Re: OWASP TOP 2013 policy is available in Webinspect

Yes, the 2013 format will be added soon enough, but they just released it.  I believe this will be in WebInspect by September?  Not sure if it will be covered via a new scan Policy, an additional Compliance template, or both.  I suspect both, eventually.  SmartUpdate will probably be used to deliver it.


If you simply cannot wait, you could try your hand at a custom Compliance Template.  I would open the prior iteration to expose the Threat Classifications and such linked to the old requirements, and then map those over to the requirements in the new release/template.

-- Habeas Data
Micro Focus Fortify Customers-Only Forums – https://community.softwaregrp.com/t5/Fortify/ct-p/fortify
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.