loading...
 This Article 
   
 Share 
   
 Bibliographic References 
   
 Add to: 
 
Digg
Furl
Spurl
Blink
Simpy
Google
Del.icio.us
Y!MyWeb
 
 Search 
   
Static Analysis for Security
November-December 2004 (vol. 2 no. 6)
pp. 76-79
ASCII Text
x 
 
Brian Chess, Gary McGraw, "Static Analysis for Security," IEEE Security and Privacy, vol. 2, no. 6, pp. 76-79, November-December, 2004.
 
 
BibTex
x
 
@article{ 10.1109/MSP.2004.111,
author = {Brian Chess and Gary McGraw},
title = {Static Analysis for Security},
journal ={IEEE Security and Privacy},
volume = {2},
number = {6},
issn = {1540-7993},
year = {2004},
pages = {76-79},
doi = {http://doi.ieeecomputersociety.org/10.1109/MSP.2004.111},
publisher = {IEEE Computer Society},
address = {Los Alamitos, CA, USA},
}
 
 
RefWorks Procite/RefMan/Endnote
x 
 
TY - MGZN
JO - IEEE Security and Privacy
TI - Static Analysis for Security
IS - 6
SN - 1540-7993
SP76
EP79
EPD - 76-79
A1 - Brian Chess,
A1 - Gary McGraw,
PY - 2004
KW - software development life cycle
KW - source code
KW - static analysis
VL - 2
JA - IEEE Security and Privacy
ER -
 
Brian Chess, Fortify Software
Gary McGraw, Cigital
All software projects are guaranteed to have one artifact in common: source code. Together with architectural risk analysis, code review for security ranks very high on the list of software security best practices. Here, we'll look at how to automate source-code security analysis with static analysis tools.
Index Terms:
software development life cycle, source code, static analysis
Citation:
Brian Chess, Gary McGraw, "Static Analysis for Security," IEEE Security and Privacy, vol. 2, no. 6, pp. 76-79, Nov. 2004, doi:10.1109/MSP.2004.111
Usage of this product signifies your acceptance of the Terms of Use.