[WEB SECURITY] Are there any disadvantage of Application Security SaaS offering?

Sebastian Schinzel sebastian.schinzel at virtualforge.de
Tue Jul 21 19:35:51 EDT 2009

Hi Mostafa,

You are raising a very interesting issue here.

Mostafa Siraj wrote:
> 2- as you said sharing your source code with a third party is not a very
> smart thing to do

What is the difference of having external security experts performing a
code audit and uploading code into a SaaS portal? In both cases, you
hand your code to a third party. In both cases, you have NDAs and what not.


Sebastian Schinzel

VirtualForge GmbH
Speyerer Strasse 6
69115 Heidelberg
T: +49 (0)6221 - 86 89 0-24
F: +49 (0)6221 - 86 89 0-11

http://www.virtualforge.de - We harden your software!
Book: "Secure ABAP Development" http://sap-press.de/2037

Join us on IRC: irc.freenode.net #webappsec

Have a question? Search The Web Security Mailing List Archives: 

Subscribe via RSS: 
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]

Join WASC on LinkedIn

More information about the websecurity mailing list