Analyzed
about 7 hours
ago.
based on code collected
about 11 hours
ago.
Project Summary
The OWASP Benchmark is a test suite designed to verify the speed and accuracy of software vulnerability detection tools. As it is written in Java, it supports Java Static Analysis Security Testing Tools (SAST). It’s also a fully runnable web application, so it supports Dynamic Analysis Security Testing Tools (DAST), like OWASP ZAP, and Interactive Analysis Security Testing Tools (IAST) that support Java. The idea is that since it is fully runnable and all the vulnerabilities are actually exploitable, it’s a fair test for any kind of vulnerability detection tool. For more details on this project, please see the OWASP Benchmark Project home page.
In a Nutshell, OWASP Benchmark...
Quick Reference
Organization:
https://github.com/OWASP/Benchmark
Project Security
Vulnerabilities per Version ( last 10 releases )
There are no reported vulnerabilities
Project Vulnerability Report
Security Confidence Index
Poor security track-record
Favorable security track-record
Vulnerability Exposure Index
Many reported vulnerabilities
Few reported vulnerabilities
Did You Know...
-
...
nearly 1 in 3 companies have no process for identifying, tracking, or remediating known open source vulnerabilities
-
...
by exploring contributors within projects, you can view details on every commit they have made to that project
-
...
55% of companies leverage OSS for production infrastructure
-
...
compare projects before you chose one to use