
OFS – Open Findings Schema

Chandu Ketkar, Cigital Consulting, cketkar@cigital.com. February 11, 2010.


Presentation Transcript


  1. OFS – Open Findings Schema. Chandu Ketkar, Cigital Consulting, cketkar@cigital.com. February 11, 2010

  2. What is OFS?
     • Schema
       • Common format to represent: Findings, Traces, Classification
     • Translators
       • Translate between tools and OFS
       • Support for common tools: Fortify, Ounce, Findbugs, AppScan and more
     • API
       • To access, manipulate Findings

  3. Why OFS?
     • Enable Tool-Agnostic Applications
       • Applications interface with the OFS API
       • Applications are not aware of the tool formats
     • Leverage existing Tool Results
       • Merge/Build on each Tool's Strength
       • Correlate Findings across tool sets (e.g. Fortify and Ounce)
     • Enable Hybrid Analysis
       • Applications to analyze and correlate Static and Dynamic analysis Findings
     • Build Visualization Tools / Reporting Tools
       • To process Findings from many tools

  4. Timeline
     • Timeline
       • OFS Release in March 2010
     • Contact
       • John Steven, OWASP and Cigital Consulting, jsteven@cigital.com
       • Chandu Ketkar, Cigital Consulting, cketkar@cigital.com
