Issue No. 03 - May/June (2006 vol. 4)
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MSP.2006.77
Pravir Chandra , Secure Software
Brian Chess , Fortify Software
John Steven , Cigital
Code analysis tools can play an essential role in creating secure software. They can help catch common coding mistakes such as buffer overflow, cross-site scripting, SQL injection, and a variety of race conditions. With a certain amount of customization, they can also provide for deeper, application-specific inspection as well as a general audit against custom coding standards.
code analysis, debugging, security
P. Chandra, J. Steven and B. Chess, "Putting the Tools to Work: How to Succeed with Source Code Analysis," in IEEE Security & Privacy, vol. 4, no. , pp. 80-83, 2006.