OWASP TOP 2013 policy is available in Webinspect
Is anyone know OWASP TOP 2013 policy is available in webinspect latest version (10.1) ? To my knowledge , OWASP TOP 2010 is the latest available in webisnpect.
Does any one know , when webinspect included OWASP TOP 2013 in the policy? If HP included this it would be an added advantange to us ; easy selection of policy.
Re: OWASP TOP 2013 policy is available in Webinspect
Yes, the 2013 format will be added soon enough, but they just released it. I believe this will be in WebInspect by September? Not sure if it will be covered via a new scan Policy, an additional Compliance template, or both. I suspect both, eventually. SmartUpdate will probably be used to deliver it.
If you simply cannot wait, you could try your hand at a custom Compliance Template. I would open the prior iteration to expose the Threat Classifications and such linked to the old requirements, and then map those over to the requirements in the new release/template.
-- Habeas Data
Micro Focus Fortify Customers-Only Forums – https://community.softwaregrp.com/t5/Fortify/ct-p/fortify