The Parasoft Security Bundle is a package of tools for your DTP infrastructure that provides visibility into your security compliance efforts. The bundle includes the following tools.
Security Compliance Pack
The Parasoft Security Compliance Pack is a set of artifacts for your DTP infrastructure that help you implement your software security compliance initiatives. It includes configurations that re-orient static analysis data to report violations according to security compliance standards. It also includes widgets for viewing your security compliance status and custom compliance DTP dashboards for monitoring the progress toward your overall security compliance goals. The Security Compliance Pack supports the following standards by default:
- CERT C
- CERT C++
- CWE List Version 4.5
- CWE Top 25
- CWE Top 25 + On the Cusp
- UL 2900
- OWASP Top 10
- OWASP API Security Top 10
- PCI DSS 3.2
- DISA ASD STIG
Read the Security Compliance Pack documentation for installation and usage instructions.
OWASP Dependency Check Pack
Parasoft OWASP Dependency Check Pack helps you comply with the OWASP Top 10 2013 entry: A9 Using Components with Known Vulnerabilities guideline. It reads the results the third-party OWASP dependency-check tool and performs the following actions:
- Processes the result file generated by the OWASP dependency-check tool
- Generates reports vulnerabilities
- Sends the data to Parasoft DTP
...
...
...