Secure Programming with Static Analysis

Secure Programming with Static Analysis

4.11 - 1251 ratings - Source

The First Expert Guide to Static Analysis for Software Security! Creating secure code requires more than just good intentions. Programmers need to know that their code will be safe in an almost infinite number of scenarios and configurations. Static source code analysis gives users the ability to review their work with a fine-toothed comb and uncover the kinds of errors that lead directly to security vulnerabilities. Now, therea€™s a complete guide to static analysis: how it works, how to integrate it into the software development processes, and how to make the most of it during security code review. Static analysis experts Brian Chess and Jacob West look at the most common types of security defects that occur today. They illustrate main points using Java and C code examples taken from real-world security incidents, showing how coding errors are exploited, how they could have been prevented, and how static analysis can rapidly uncover similar mistakes. This book is for everyone concerned with building more secure software: developers, security engineers, analysts, and testers.3 If you use Ant to compile your application, you can also integrate Fortify SCA into your Ant build script. Refer to the Fortify SCA Usera#39;s Guide information about integrating with Ant. Run Fortify SCA 1. Change to the following directory: Clickanbsp;...

Title:Secure Programming with Static Analysis
Author:Brian Chess, Jacob West
Publisher:Pearson Education - 2007-06-29


You Must CONTINUE and create a free account to access unlimited downloads & streaming