Discussion:
Veracode scan and penetration test
m***@gmail.com
2018-07-20 21:54:54 UTC
Permalink
Are there any published results available for Veracode vulnerability scan and penetration testing for Bugzilla? Our security team is cataloging our deployed apps and vulnerability scan and penetration testing for hosted applications is desired/required.
Thorsten Schöning
2018-07-21 06:30:26 UTC
Permalink
Post by m***@gmail.com
Are there any published results available for Veracode
vulnerability scan and penetration testing for Bugzilla?
None I'm aware of.
Post by m***@gmail.com
Our
security team is cataloging our deployed apps and vulnerability scan
and penetration testing for hosted applications is desired/required.
Which normally means that you need to run such tests on your own,
because results may vary among different versions of Bugzilla in use
and it is very unlikely that someone scans all versions you might use,
Bugzilla supports customization of templates and using extensions,
which might introduce security problems local to your concrete
installation and in the end even your environment might be a problem
because of things like wrongly configured web servers etc.

Mit freundlichen Grüßen,

Thorsten Schöning
--
Thorsten Schöning E-Mail: ***@AM-SoFT.de
AM-SoFT IT-Systeme http://www.AM-SoFT.de/

Telefon...........05151- 9468- 55
Fax...............05151- 9468- 88
Mobil..............0178-8 9468- 04

AM-SoFT GmbH IT-Systeme, Brandenburger Str. 7c, 31789 Hameln
AG Hannover HRB 207 694 - Geschäftsführer: Andreas Muchow
m***@gmail.com
2018-07-21 10:57:41 UTC
Permalink
Post by m***@gmail.com
Are there any published results available for Veracode vulnerability scan and penetration testing for Bugzilla? Our security team is cataloging our deployed apps and vulnerability scan and penetration testing for hosted applications is desired/required.
Great, thank you for the response Thorsten.

Loading...