Tuesday 4 December 2012

Implementing S4 - Source-code Security Scanning Services - v0.5.pdf (2008)

From the OunceLabs archives here is a document I wrote back in 2008 that provides a roadmap (and template) for companies (or team) that want to implement a S4 (Source-code Security Scanning Services)

I never finished this document, but there are lots of good (and battle-proven) ideas in there :)

Let me know what you think of it: