Issue No.03 - May/June (2006 vol.4)
Pravir Chandra, Secure Software
Brian Chess, Fortify Software
John Steven, Cigital
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MSP.2006.77
Code analysis tools can play an essential role in creating secure software. They can help catch common coding mistakes such as buffer overflow, cross-site scripting, SQL injection, and a variety of race conditions. With a certain amount of customization, they can also provide for deeper, application-specific inspection as well as a general audit against custom coding standards.
Keywords: code analysis, debugging, security
Pravir Chandra, Brian Chess, John Steven, "Putting the Tools to Work: How to Succeed with Source Code Analysis", IEEE Security & Privacy, vol.4, no. 3, pp. 80-83, May/June 2006, doi:10.1109/MSP.2006.77