in reply to Re: Software security analysis with BogoSec
in thread Software security analysis with BogoSec

Hi zentara,

The IBM document has a section "5.5 Scripting Languages", which charts "Perl vs PHP vs Python vs Ruby". This is on page 14 of the document. Is this what you mean?

Thanks

Martin

Re^3: Software security analysis with BogoSec
by zentara (Cardinal) on May 15, 2006 at 12:06 UTC
    I see, but what does the score really mean? Does it mean Ruby is more secure than Perl, and Perl is more secure than PHP? Or is it just a nebulous indicator based on current knowledge of the various weaknesses in C syntax, and how often they appear in the code? I wonder how Perl6 would fare in comparison?

    I'm not really a human, but I play one on earth. flash japh
      Hi zentara,

      From elsewhere in the PDF I linked to:

      "The basic methodology of BogoSec is as follows:

      1. Execute each scanner present on target source code or tree

      2. Parse output of each scanner, determining the filename, line number, severity, description of each possible vulnerability

      3. Interpret the severity indicator and adjust to a common scale (by default, 10 being most severe, 1 being least severe) to calculate severity points.

      4. Report the total number of vulnerability severity points, as well as the total number of lines analyzed by each scanner

      5. Calculate and report the BogoSec final score:

      BogoSecFinalScore = TotalVulnerabilityPointsFromAllScanners / TotalLinesOfCodeAnalyzedByAllScanners"

      To get the most value from the output I believe the user would be required to familiarise themselves with the scanners that BogoSec uses, and what they are searching for. At the moment I have not had a chance to play around with this. Perhaps the full output lists the vulnerability and the line number at which it occurs. IMHO the output is only of value if you can use it to investigate the reported vulnerabilities and take action based on the output of these tools. Once I have some spare time I will check this out in detail and report back :)

      Martin
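The five-step methodology quoted above (run scanners, parse findings, normalise severity to a 1..10 scale, total the points and lines, divide) is small enough to work through end to end. The following Perl is an added illustration written for this thread; it is not BogoSec's own code, and the two scanner output formats, the scanner names `scan_a`/`scan_b`, the severity mappings and the line counts are all constructed for the example rather than taken from any real tool.

```perl
#!/usr/bin/perl
use strict;
use warnings;

# Constructed sample output from two hypothetical scanners.
# The line formats are invented for this example and do not
# reproduce the real output of flawfinder, RATS or ITS4.
my %scanner_output = (
    scan_a => [
        "src/main.c:12: [4] strcpy: does not check for buffer overflows",
        "src/main.c:40: [1] printf: format string is a constant",
        "src/util.c:7: [5] gets: obsolete and dangerous",
    ],
    scan_b => [
        "src/util.c:7: severity=High: use of gets",
        "src/net.c:88: severity=Low: fixed-size stack buffer",
    ],
);

# Step 4 needs the number of lines each scanner looked at (constructed).
my %lines_analyzed = ( scan_a => 250, scan_b => 250 );

# Step 2: one parser per scanner, each returning
# (file, line, raw_severity, description) or an empty list.
my %parser = (
    scan_a => sub {
        my ($l) = @_;
        return $l =~ /^(.+?):(\d+):\s+\[(\d+)\]\s+(.*)$/ ? ($1, $2, $3, $4) : ();
    },
    scan_b => sub {
        my ($l) = @_;
        return $l =~ /^(.+?):(\d+):\s+severity=(\w+):\s+(.*)$/ ? ($1, $2, $3, $4) : ();
    },
);

# Step 3: map each scanner's native scale onto the common 1..10 scale
# (10 most severe, 1 least severe), clamping so nothing scores 0.
my %normalize = (
    scan_a => sub {                       # assumed native scale 0..5
        my $n = shift() * 2;
        $n = 1  if $n < 1;
        $n = 10 if $n > 10;
        return $n;
    },
    scan_b => sub {                       # assumed named levels
        my %map = ( Low => 2, Medium => 5, High => 9 );
        return $map{ shift() } // 1;      # unknown level counts as least severe
    },
);

# Steps 1-5 combined: returns (total_points, total_lines, final_score, \@findings).
sub bogosec_score {
    my ($output, $lines) = @_;
    my ($points, $total_lines, @findings) = (0, 0);

    for my $scanner (sort keys %$output) {
        for my $raw (@{ $output->{$scanner} }) {
            my ($file, $line, $sev, $desc) = $parser{$scanner}->($raw)
                or next;                  # unparseable line: skip, do not score
            my $pts = $normalize{$scanner}->($sev);
            $points += $pts;
            push @findings, { scanner => $scanner, file => $file,
                              line => $line, points => $pts, desc => $desc };
        }
        $total_lines += $lines->{$scanner};
    }
    my $score = $total_lines ? $points / $total_lines : 0;
    return ($points, $total_lines, $score, \@findings);
}

my ($points, $lines, $score, $findings) = bogosec_score(\%scanner_output, \%lines_analyzed);

# Report each finding with its location so a reader can act on it,
# then the totals and the final score.
printf "%-6s %-14s %4s %3s  %s\n", qw(scan file line pts description);
printf "%-6s %-14s %4d %3d  %s\n", @{$_}{qw(scanner file line points desc)} for @$findings;
printf "\nseverity points: %d   lines analysed: %d   BogoSec score: %.4f\n",
       $points, $lines, $score;
```

With the constructed input this yields 20 points from `scan_a`, 11 from `scan_b`, 31 points over 500 lines, and a score of 0.0620. Two things the walk-through makes visible that the headline number hides: `src/util.c:7` is flagged by both scanners and is therefore counted twice, and a project scanned by more tools (or with more lines of output) will move the score even when its code has not changed. That is why the per-finding listing, not the ratio, is the part worth reading.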