ThreadFix Thursday: Beta15, Updated Importers and Bugfixes

threadfix
My apologies – it has been a little bit since our last update, but today we pushed out Beta15. Improvements in this release include:
  • An updated Fortify importer that uses SAX parsing for better memory and speed efficiency has been included in the main codebase. Check it out, feed some big FPR files to it and let us know how it does for you.
  • An updated Acunetix importer that addresses a couple of issues and includes new vulnerabilities they’ve added in recent releases. (I also wanted to extend a big “thank you” to the Acunetix folks for their help tuning and improving our importer.)
  • Various bug fixes (keep an eye on the Google Code bug tracker for the current list of open issues)
Also for those of you who are attending AppSecEU in Athens next month, I’ll be giving a training course on running a software security program based on Open Source tools. We’ll be looking at a lot of the features of ThreadFix as well as how ThreadFix can be used with tools like OWASP ZAProxy, mod_security and w3af.
–Dan
dan _atdenimgroup.com

Posted via email from Denim Group’s Posterous

About Dan Cornell

A globally recognized application security expert, Dan Cornell holds over 15 years of experience architecting, developing and securing web-based software systems. As the Chief Technology Officer and a Principal at Denim Group, Ltd., he leads the technology team to help Fortune 500 companies and government organizations integrate security throughout the development process. He is also the original creator of ThreadFix, Denim Group's industry leading application vulnerability management platform.
More Posts by Dan Cornell

Leave a Reply

Your email address will not be published. Required fields are marked *