Vulnerability Development mailing list archives
security scanning software for source code?
From: "Sanchez, Scott" <Scott.Sanchez () GS COM>
Date: Wed, 18 Oct 2000 13:54:29 -0400
Hello all, Does anyone have any suggestions on products that will review application code (visual basic/c++, java applets and servlets, cgi's, etc.) for security weaknesses? I would love an engine that I can just drop my java servlets (or weblogic code, xml, perl, css, etc.) into and it would look for things like input fields that have missing or inadequate validation, passwords stored in the app, etc. (I know, i'm asking for a lot). Does anybody have thoughts or suggestions? We have decided that it is impractical for us to write our own scanner at this point. Thanks. -Scott *************************************************** The views and opinions herein are those of the author only and do not necessarily reflect those of any other person or entity. ***************************************************
Current thread:
- security scanning software for source code? Sanchez, Scott (Oct 20)
- Re: security scanning software for source code? Erik Tayler (Oct 24)
- Re: security scanning software for source code? White Vampire (Oct 24)