Network Security: Detailed info on Re: Inspecting Code for Security

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security SecProg

[Top] [All Lists]

Re: Inspecting Code for Security

from [Juergen Brauckmann] Network Security

[Permanent Link]

Subject:	Re: Inspecting Code for Security
Date:	Tue, 21 Sep 2004 12:22:47 +0200

caleb.dods@bell.ca wrote:

I have a background in programming and code inspection. However our
inspections were not targeted at security, instead they looked for
logic errors, over complex code, missing comments, etc.
With security in mind what things other things should I be looking for in a code inspection?

Well, you'll want to read "Secure Programming for Linux and Unix HOWTO" by David A. Wheeler, available at <http://www.dwheeler.com/secure-programs/>

Although it has "Linux" and "Unix" in its name, I find it very helpful to get a feeling about potential problems that might strike you on other platforms.

j.

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Inspecting Code for Security, caleb . dods Re: Inspecting Code for Security, George V. Neville-Neil Re: Inspecting Code for Security, Juergen Brauckmann <= RE: Inspecting Code for Security, Aleksander P. Czarnowski Re: Inspecting Code for Security, Valdis . Kletnieks RE: Inspecting Code for Security, Aleksander P. Czarnowski RE: Inspecting Code for Security, Yvan Boily RE: Inspecting Code for Security, Aleksander P. Czarnowski RE: Inspecting Code for Security, Yvan Boily RE: Inspecting Code for Security, Yvan Boily RE: Inspecting Code for Security, Luis Hernandez RE: Inspecting Code for Security, Michael Howard

Previous by Date:	RE: "Selling" a code-audit., Michael Howard
Next by Date:	RE: Inspecting Code for Security, Aleksander P. Czarnowski
Previous by Thread:	Re: Inspecting Code for Security, George V. Neville-Neil
Next by Thread:	RE: Inspecting Code for Security, Aleksander P. Czarnowski
Indexes:	[Date] [Thread] [Top] [All Lists]