Re: [python-security] Fortify for Python

Skip to first unread message

Mat Caughron

Mar 8, 2013, 8:59:12 PM3/8/13
hi Geoff:

As a former Fortify consultant, I recommend that you peruse the python section of VulnCat at:

I would not describe the python support as mature.

The only four areas for python-specific potential findings are: Cody Quality, Encapsulation, Input Validation/Representation, and Security Features

On Fri, Mar 8, 2013 at 2:08 PM, Geoff Dillon <> wrote:
Anyone have any experience running Fortify on Python code?   I'm mainly wondering what rules they are applying and how I could verify that its actually looking at my code.  So far I've run it and found very little of interest, just a few Low priority items like using the word "Password" inside a comment.

You received this message because you are subscribed to the Google Groups "Python Security" group.
To unsubscribe from this group and stop receiving emails from it, send an email to
For more options, visit

Reply all
Reply to author
0 new messages