I need to run SCA (static code analysis) for software vulnerabilities (e.g., OWASP top 20) on an open source Java project.
The code is publicly available via Git, about ~2GB total check-out size, only ~20MB of Java source code.
A previous version of the project has been scanned by HP Fortify, so a Fortify scan is preferred but not required.
Expected quality is as follows:
[url removed, login to view]
No customized development for this. Just run the scanning software off-the-shelf against the source tree and generate a PDF report. I ran the scan myself; it took less than overnight to complete.
13 freelancers are bidding on average $889 for this job
I can do SCA (static code analysis) for software vulnerabilities. But I need to charge more for it, as it will take more time to develop. Waiting for your reply.