[Ssc-dev] Veracode Call and Server Questions
Bryan Nunez
bryan at witness.org
Mon May 13 17:49:49 EDT 2013
Hi all,
I had a call with Veracode today and they had a few questions about the
server set up. I'm not sure if the wiki is up to date since there's been a
lot of work on the server side.
Is it still basically Python, CouchDB and LighttPD?
The way they work is through automated scans of binaries you upload to the
service, for the server side they'll do automated penetration testing
depending on how the server is configured. They charge yearly based on
project rather than seats and the regular commercial price is between
$17000 - 15000 for a year's worth of automated testing. Since we're
nonprofit and open source we should get a pretty good discount though I'm
not sure if our budget is still enough to cover it in the short term.
Harlo and/or Barbra can you confirm the server config and let me know? I'd
like to get back to them and see what we can work out.
Thanks,
Bryan
--
Bryan Nunez
Technology Manager
WITNESS
+1 (718) 783-2000 x-348
GPG ID: 54E3286C7C631254
GPG Fingerprint: 6115 6A41 0F5A 9AA0 67B6 79D8 54E3 286C 7C63 1254
Check out our Human Rights Channel <http://www.youtube.com/humanrights> on
YouTube
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.mayfirst.org/pipermail/ssc-dev/attachments/20130513/d3fb005b/attachment.html>
More information about the Ssc-dev
mailing list