Bugtraq mailing list archives

RE: ITS4 from Cigital flawed

From: "Jeremy Epstein" <jepstein () webmethods com>
Date: Fri, 22 Feb 2002 12:07:28 -0500

p.s. More relevant technical criticism of ITS4 can be found in John Viega,
J.T. Bloch, Tadayoshi Kohno & Gary McGraw  (2000) ITS4: A Static
Vulnerability Scanner for C and C++ Code. In the Proceedings of
ACSAC 2000,
December, 2000.


Ob-advertisement: This paper (which won the best paper award at the ACSAC
conference) can be found at http://www.acsac.org/2000/abstracts/78.html

On a related note, the call for papers for ACSAC 2002 can be found at
http://www.acsac.org/2002/cfp/.  As the past program chair and current
program cmte member, please consider this a solicitation for submissions
from Bugtraq readers....

Current thread:

RE: ITS4 from Cigital flawed Gary McGraw (Feb 21)
- RE: ITS4 from Cigital flawed Jeremy Epstein (Feb 23)