Secure Coding mailing list archives
Secure Programming with Static Analysis
From: brian at fortifysoftware.com (Brian Chess)
Date: Wed, 04 Jul 2007 20:30:14 -0700
Jacob West and I are proud to announce that our book, Secure Programming with Static Analysis, is now available.

http://www.amazon.com/dp/0321424778

The book covers a lot of ground.

* It explains why static source code analysis is a critical part of a secure development process.
* It shows how static analysis tools work, what makes one tool better than another, and how to integrate static analysis into the SDLC.
* It details a tremendous number of vulnerability categories, using real-world examples from programs such as Sendmail, Tomcat, Adobe Acrobat, Mac OSX, and dozens of others.

We'd like to thank the many members of the sc-l list who helped us out with the book in one way or another, including:

Pravir Chandra
Gary McGraw
Katrina O'Neil
John Steven
Ken van Wyk

Regards,
Brian and Jacob