Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Web-App-Sec
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Tool for source code review

from [Adam Shostack] Network Security [Permanent Link]
Subject: Re: Tool for source code review
Date: Tue, 20 Dec 2005 11:42:15 -0500 
Are you looking for review tools, or analysis tools?  I differentiate
by saying that review tools are focused on collaboration and
communication about what's been looked at.  There are some emacs
modes, but I'd be interested to learn about more.

Adam

On Mon, Dec 19, 2005 at 11:15:14AM -0800, Ambarish Malpani wrote:
| 
| The most commonly used commercial tools names are:
| 
| Fortify - www.fortifysoftware.com
| Ounce Labs - www.ouncelabs.com
| Secure Software - www.securesoftware.com
| 
| 
| There is some free/open source software available too - depends on how
| deep
| a coverage you want. There is also the option of a bunch of consulting
| companies.....
| 
| Regards,
| Ambarish
| 
|  
| 
| > -----Original Message-----
| > From: Pratiksha Doshi [mailto:pratiksha@nii.co.in] 
| > Sent: Monday, December 19, 2005 5:40 PM
| > To: webappsec@securityfocus.com
| > Subject: Tool for source code review
| > 
| > Hi All,
| > 
| > Can anybody suggest with tools for source code review with 
| > security kept in mind.
| > 
| > Thanks...
| > Pratiksha
| > 
| >
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: New OWASP project - PCI Web Security Standards, Lyal Collins
Next by Date:  Re: Rules on security issues for static code analizers of Java, Justin Clarke
Previous by Thread:  RE: Tool for source code review, Ambarish Malpani
Next by Thread:  Vulnerabilties of any Messenger, Pratiksha Doshi
Indexes:  [Date] [Thread] [Top] [All Lists]