Putting the tools to work: how to succeed with source code analysis
暂无分享,去创建一个
Code analysis tools can play an essential role in creating secure software. They can help catch common coding mistakes such as buffer overflow, cross-site scripting, SQL injection, and a variety of race conditions. With a certain amount of customization, they can also provide for deeper, application-specific inspection as well as a general audit against custom coding standards
[1] Gary McGraw,et al. Static Analysis for Security , 2004, IEEE Secur. Priv..
[2] Ken Frazer,et al. Building secure software: how to avoid security problems the right way , 2002, SOEN.
[3] Ross J. Anderson. Security engineering - a guide to building dependable distributed systems (2. ed.) , 2001 .