Putting the Tools to Work: How to Succeed with Source Code Analysis

Authors:
Pravir Chandra;Brian Chess;John Steven
Affiliations:
Secure Software;Fortify Software;Cigital
Venue:
IEEE Security and Privacy
Year:
2006

Citing 3
Cited 2

Security Engineering: A Guide to Building Dependable Distributed Systems

Security Engineering: A Guide to Building Dependable Distributed Systems
Static Analysis for Security

IEEE Security and Privacy
Building Secure Software: How to Avoid Security Problems the Right Way (paperback) (Addison-Wesley Professional Computing Series)

Building Secure Software: How to Avoid Security Problems the Right Way (paperback) (Addison-Wesley Professional Computing Series)

Prioritizing software security fortification throughcode-level metrics

Proceedings of the 4th ACM workshop on Quality of protection
Applying static analysis to high-dimensional malicious application detection

Proceedings of the 51st ACM Southeast Conference

Quantified Score

Hi-index	0.00

Visualization

Abstract

Code analysis tools can play an essential role in creating secure software. They can help catchcommon coding mistakes such as buffer overflow, cross-site scripting, SQL injection, and a variety ofrace conditions. With a certain amount of customization, they can also provide for deeper, application-specific inspection as well as a general audit against custom coding standards.