Comments (6)
davewichers
commented on June 15, 2024
It's the Web goat benchmark edition. Totally different code.
On Apr 15, 2015 6:58 PM, "Dinis Cruz" [email protected] wrote:
When I saw the first description of the project I though that the
benchmark was checking how many WebGoat issues where discoveredBut this looks like it has a difference code base, is that correct?
—
Reply to this email directly or view it on GitHub
#1.
from benchmarkjava.
DinisCruz
commented on June 15, 2024
which is why it is confusing to use the WebGoat name
from benchmarkjava.
davewichers
commented on June 15, 2024
WebGoat is a family of tools (currently the Java and .NET versions) that
help people learn about application security. People use the existing
WebGoat versions for benchmarking already, which isn¹t a great choice since
they are really intended for training purposes. We are extending the
WebGoat family to include a real benchmark, which we are calling the WebGoat
Benchmark Edition (WBE).
-Dave
From: Dinis Cruz [email protected]
Reply-To: OWASP/webgoat-benchmark
<reply+004c5b058a89516e17294d29594d2ed25f4513e1c47141fb92cf00000001114eac199
[email protected]>
Date: Tuesday, April 21, 2015 at 8:23 PM
To: OWASP/webgoat-benchmark [email protected]
Cc: Dave Wichers [email protected]
Subject: Re: [webgoat-benchmark] Why is WebGoat in the name? (#1)
which is why it is confusing to use the WebGoat name
�
Reply to this email directly or view it on GitHub
#1 (comment)
.
from benchmarkjava.
DinisCruz
commented on June 15, 2024
Still think it is confusing using that as part of the name
Anyway, closing the question
from benchmarkjava.
davewichers
commented on June 15, 2024
We are planning on renaming the project to be the OWASP Application
Security Testing (AST) Benchmark. Does that make more sense to you? AST is
the term Gartner uses to categorize DAST, SAST, IAST, and we intend to
support all types of vulnerability detection tools and services eventually.
We are starting with SAST.
-Dave
From: Dinis Cruz [email protected]
Reply-To: OWASP/webgoat-benchmark
<reply+004c5b05259626ba1a04c7ab3a5a9f1f48ac589641b8b93e92cf00000001117ecce49
[email protected]>
Date: Thursday, May 28, 2015 at 8:32 AM
To: OWASP/webgoat-benchmark [email protected]
Cc: Dave Wichers [email protected]
Subject: Re: [webgoat-benchmark] Why is WebGoat in the name? (#1)
�
Reply to this email directly or view it on GitHub
#1 (comment) .
from benchmarkjava.
davewichers
commented on June 15, 2024
We have renamed this project to remove WebGoat from the name. Its just the OWASP Benchmark now.
from benchmarkjava.
Related Issues (20)
- BenchmarkTest00209 has an insecure hash vulnerability HOT 2
- My result file can't be identified by the createscorecards.bat HOT 13
- createScorecards.bat - Error resolving version for plugin 'org.owasp:benchmarkutils-maven-plugin' from the repositories HOT 2
- mvn compile or mvn install - Failed to execute goal com.diffplug.spotless:spotless-maven-plugin. HOT 7
- [BUG] The json file output by semgrep is not correctly scored HOT 11
- /usr/bin/jq: Argument list too long HOT 8
- Send custom csv file in createScorecards.sh HOT 8
- Owasp benchmark version in 2018 HOT 5
- GPG key error when building the latest version of ubuntu HOT 1
- deleted
- Trying to create scorecard for Semgrep results but I get empty FluidAttacks scorecard HOT 4
- Assistance Needed with OWASP Benchmark Project for Master's Thesis HOT 2
- Exception in thread "main" java.lang.ExceptionInInitializerError HOT 4
- Add some new vulnerability types HOT 5
- [Q&A] Is ‘file_read’ the desired type of vulnerability in BenchmarkTest00363 HOT 2
- Issue in SQL testcases including ExecuteBatch function HOT 6
- Sonatype URL change for Contrast Java Agent Downloads HOT 6
- How to download the dataset HOT 2
- Cannot generate scorecards from the provided results.xml file HOT 28
- Push linux/amd64 Docker image HOT 8
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from benchmarkjava.