I sent the following out to The Web Security Mailing List (which I moderate) announcing a new WASC Project.
"The Web Application Security Consortium is pleased to announce a new project "Static Analysis Tool Evaluation Criteria (SATEC)". Currently WASC is seeking volunteers from various sections of the community including security researchers, academics, vendors, software developers and security professionals.
A brief description of the project
This project will specifically define a common criteria for evaluation of SAST (Static Application Security Testing) tools for individual organizations. This evaluation criteria will not include information specific to any vendor nor will it even mention any vendor!This guide is intended to assist organizations in the procurement of SAST tools.
The project page can be found at
If you like to get involved with this project, please contact Sherif Koussa (sherif.koussa (@) gmail.com) ."