We might want to explain this in the documentation

Sent from my phone with my typo-happy thumbs. Please excuse my brevity

On Wed, Feb 6, 2019, 20:10 Luke Hinds <lhinds@redhat.com> wrote:

On Wed, Feb 6, 2019 at 11:56 PM Trevor Bidhadar <Trevor.Bidhadar@securedecisions.com> wrote:

Hello,
I am using Bandit and was wondering how do you define your severity and confidence levels? In other words, what makes a High severity a vulnerability High instead of Medium or Low? How do you define the confidence of the finding?

It's based on OWASP's Risk Rating, see the following:

Thank you in advance for the information,
Trevor Bidhadar
(631)-759-3960
Project Coordinator
Secure Decisions div. of Applied Visions, Inc.
6 Bayview Avenue
Northport, NY 11768
code-quality mailing list
code-quality@python.org
https://mail.python.org/mailman/listinfo/code-quality
--
Luke Hinds | CTO Office | Red Hat
e: lhinds@redhat.com | irc: lhinds @freenode | t: +44 12 52 36 2483