Third Party Code Review? 89
An Anonymous Coward asks: "It looks like our sale-person is about to land a big contract with a very large US Bank, however there is a large catch in that the bank is demanding that we let them do a full audit on the source code of the software application we are selling them. After the recent rash of identity thefts of credit card and other personal info, they now mandate that all internet facing applications that store potentially private information have to have a full source code audit. This includes software from 3rd party vendors such as my company. They want to run our Java code through some software called Fortify (we looked up the price -- around $80,000) and also do a manual analysis of the code. This software is our company's life-blood. We would be ruined if it fell into a competitor's hands. We aren't storing private information about their customer's; all of the information can be found from government county auditor web sites. I understand their point of view, but it is a very scary step for us to take. Has anyone else done this and how did it work out?"
Re:ruined? (Score:5, Funny)
Talk to the bank manager, let him know that you whole heartedly support security audits. Then ridicule him for trusting Fortify, a closed source tool, for sucah an important audit. Enlighten him about the possible conspiraces involving Fortify, Nigerian Scammers, Dick Cheny ,
Whew, another success story for the books.
Re:Not too sympathetic. (Score:3, Funny)
Re:ruined? (Score:5, Funny)
Re:Not too sympathetic. (Score:4, Funny)
Pointless Haiku
containing big mac
always ends with
toilet flushing.
I doubt that qualifies. But then I don't qualify for much either
Re:Not too sympathetic. (Score:5, Funny)
Order a Big Mac later.
Fries with that?
My god its late and I need to go home
Re:ruined? (Score:4, Funny)
At some point in the above-mentioned plot, mostly around the end, you should laugh like a maniac, like "BWA HAH HA HA HA HAAAAAAaaah". For more information, see this entry on Wikipedia [wikipedia.org]
Re:Not too sympathetic. (Score:2, Funny)