Some people does not think
their code is insecure. Some people thinks that performances are the primary
goal to achieve. Sometimes security is seen as
an useless additional cost to a project to deal with.
Milk is the experience for those people having
their source code assessment served as warn and smooth glass of milk...
Back in the 2006 I started writing Orizon a source code assessment
engine. After a while I realize the need having a tool built upon such engine
to test the APIs I was writing.
That's because I started writing Milk, an opensource Java source code security scanner.
