Title :
Putting the tools to work: how to succeed with source code analysis
Author :
Chandra, Pravir ; Chess, Brian ; Steven, John
Author_Institution :
Secure Software, McLean, VA
Abstract :
Code analysis tools can play an essential role in creating secure software. They can help catch common coding mistakes such as buffer overflow, cross-site scripting, SQL injection, and a variety of race conditions. With a certain amount of customization, they can also provide for deeper, application-specific inspection as well as a general audit against custom coding standards.
Keywords :
program debugging; reverse engineering; safety-critical software; security of data; code analysis tools; secure software; software debugging; source code analysis; Buffer overflow; Computer security; Costs; Information security; Management training; Pediatrics; Privacy; Programming; Risk management; Software tools; code analysis; debugging; security
Journal_Title :
Security & Privacy, IEEE
DOI :
10.1109/MSP.2006.77