Open kamadorueda opened 3 years ago
A few things. 1) Can you figure out a way to host or display the Benchmark scorecard that is in git now at: https://pages.github.com/ ? 2) OWASP doesn't publish scorecards for commercial tools, so we won't publish your score, but we can add support for scorecard generation for your tool. And once that has been added, we'll add your tool to the list of supported SAST tools on the project wiki pages. 3) Can you submit a pull request to the github project for Benchmark with the scorecard generator for your tool?
p.s. I notice you have a link to: https://doc.fluidattacks.com/owasp-benchmark/transparency from this page: https://fluidattacks.com/blog/owasp-benchmark-fluid-attacks/. But that page doesn't appear to exist.
And this link is dead too: https://docs.fluidattacks.com/machine/scanner/reproducibility (No such key error?)
please try with these, we are moving some things around and experimenting a little bit:
For 2) - where is the code repo for this free tool? Can you point me to it?
I was looking at the "tool support / results" tab:
And found that we have very nice results in this link: https://rawgit.com/OWASP/Benchmark/master/scorecard/OWASP_Benchmark_Home.html
However:
[ ] We (Fluid Attacks) would like to include our security vulnerability detection tool in which we've recently evaluated results against the benchmark:
https://docs.fluidattacks.com/machine/scanner/reproducibility (this link is experimental)
Could you please give us some orientation on how to appear in the results? here: https://owasp.org/www-project-benchmark/
I volunteer myself for any task needed, just let me know how could we push this forward
Thanks!