[WEB SECURITY] SAST for PHP and Scala

Pankaj Upadhyay mr.p.upadhyay at gmail.com
Tue Aug 19 12:11:34 EDT 2014


Just tried a quick search of 'PHP' string in the Gartner's quadrant report
for SAST and DAST and seems there are a couple of products which offer SAST
for PHP but nothing for SCALA

http://www.gartner.com/technology/reprints.do?id=1-1WJ75OR&ct=140701&st=sb&mkt_tok=3RkMMJWWfF9wsRoiuazLZKXonjHpfsX66O8sW6a0lMI%252F0ER3fOvrPUfGjI4HRcJjI%252BSLDwEYGJlv6SgFTbnFMbprzbgPUhA%253D

If you don't mind, can I add one more question to the list? Do we know any
tool to scan SQL or PL/SQL code to find security issues?


On Tue, Aug 19, 2014 at 9:27 PM, Menerick, John <jmenerick at netsuite.com>
wrote:

>
> I have not seen any SAST for Scala.  I have had to tackle Scala in a much
> more dynamic approach.
>
> Sent from my iPhone
>
> On Aug 19, 2014, at 8:52 AM, "Pankaj Upadhyay" <mr.p.upadhyay at gmail.com>
> wrote:
>
>   I know Fortify supports PHP but I am not sure how 'good' that tool is
> as a PHP scanner.
>
>
> On Fri, Jun 13, 2014 at 12:10 AM, Robert A. <robert at webappsec.org> wrote:
>
>> Hello,
>> Are there any 'GOOD' tools (NOT services/SaaS) for PHP and Scala SAST?
>> Please don't just list tools you found via a google search :)
>>
>> Regards,
>> Robert A.
>> http://www.cgisecurity.com/
>> http://www.qasec.com/
>> http://www.webappsec.org/
>>
>> _______________________________________________
>> The Web Security Mailing List
>>
>> WebSecurity RSS Feed
>> http://www.webappsec.org/rss/websecurity.rss
>>
>> Join WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA
>>
>> WASC on Twitter
>> http://twitter.com/wascupdates
>>
>> websecurity at lists.webappsec.org
>> http://lists.webappsec.org/mailman/listinfo/websecurity_
>> lists.webappsec.org
>>
>
>
>
> --
> Thanks,
> Pankaj Upadhyay
>
>   _______________________________________________
> The Web Security Mailing List
>
> WebSecurity RSS Feed
> http://www.webappsec.org/rss/websecurity.rss
>
> Join WASC on LinkedIn http://www.linkedin.com/e/gis/83336/4B20E4374DBA
>
> WASC on Twitter
> http://twitter.com/wascupdates
>
> websecurity at lists.webappsec.org
> http://lists.webappsec.org/mailman/listinfo/websecurity_lists.webappsec.org
>
>
>
>
>  NOTICE: This email and any attachments may contain confidential and
> proprietary information of NetSuite Inc. and is for the sole use of the
> intended recipient for the stated purpose. Any improper use or distribution
> is prohibited. If you are not the intended recipient, please notify the
> sender; do not review, copy or distribute; and promptly delete or destroy
> all transmitted information. Please note that all communications and
> information transmitted through this email system may be monitored and
> retained by NetSuite or its agents and that all incoming email is
> automatically scanned by a third party spam and filtering service which may
> result in deletion of a legitimate e-mail before it is read by the intended
> recipient.
>



-- 
Thanks,
Pankaj Upadhyay
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/attachments/20140819/0174451f/attachment-0001.html>


More information about the websecurity mailing list