Issue No. 03 - May/June (2006 vol. 4)
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MSP.2006.77
Pravir Chandra , Secure Software
John Steven , Cigital
Brian Chess , Fortify Software
Code analysis tools can play an essential role in creating secure software. They can help catch common coding mistakes such as buffer overflow, cross-site scripting, SQL injection, and a variety of race conditions. With a certain amount of customization, they can also provide for deeper, application-specific inspection as well as a general audit against custom coding standards.
code analysis, debugging, security
Pravir Chandra, John Steven, Brian Chess, "Putting the Tools to Work: How to Succeed with Source Code Analysis", IEEE Security & Privacy, vol. 4, no. , pp. 80-83, May/June 2006, doi:10.1109/MSP.2006.77