[WEB SECURITY] Are there any disadvantage of Application Security SaaS offering?

Sebastian Schinzel sebastian.schinzel at virtualforge.de
Tue Jul 21 19:35:51 EDT 2009


Hi Mostafa,

You are raising a very interesting issue here.

Mostafa Siraj wrote:
> 2- as you said sharing your source code with a third party is not a very
> smart thing to do

What is the difference of having external security experts performing a
code audit and uploading code into a SaaS portal? In both cases, you
hand your code to a third party. In both cases, you have NDAs and what not.

Thanks,
Sebastian

-- 
Sebastian Schinzel

VirtualForge GmbH
Headquarters:
Speyerer Strasse 6
69115 Heidelberg
Germany
T: +49 (0)6221 - 86 89 0-24
F: +49 (0)6221 - 86 89 0-11

http://www.virtualforge.de - We harden your software!
Book: "Secure ABAP Development" http://sap-press.de/2037

----------------------------------------------------------------------------
Join us on IRC: irc.freenode.net #webappsec

Have a question? Search The Web Security Mailing List Archives: 
http://www.webappsec.org/lists/websecurity/archive/

Subscribe via RSS: 
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]

Join WASC on LinkedIn
http://www.linkedin.com/e/gis/83336/4B20E4374DBA



More information about the websecurity mailing list