Putting the Tools to Work: How to Succeed with Source Code Analysis

  • Authors:
  • Pravir Chandra;Brian Chess;John Steven

  • Affiliations:
  • Secure Software;Fortify Software;Cigital

  • Venue:
  • IEEE Security and Privacy
  • Year:
  • 2006

Abstract

Code analysis tools can play an essential role in creating secure software. They can help catch common coding mistakes such as buffer overflow, cross-site scripting, SQL injection, and a variety of race conditions. With a certain amount of customization, they can also provide for deeper, application-specific inspection as well as a general audit against custom coding standards.