Fortify360 WebGoat 5.2

This video demonstrates source code analysis of the WebGoat 5.2 application with the Fortify 360 SCA plug-in for Eclipse. WebGoat is a deliberately insecure J2EE web application, maintained by OWASP, that is designed to teach web application security lessons. It is ideal for running a source code analysis because it contains the most common security vulnerabilities found in web applications.

This video shows how to set up the project in Eclipse for analysis and concludes with opening the resulting audit project in the Fortify 360 Audit Workbench.