Secure Programming with Static Analysis

by Brian Chess, Jacob West

Customer Reviews

Secure Programming with Static Analysis 4 out of 5 based on 0 ratings. 1 review.
Guest More than 1 year ago
Chess and West describe methods of building security into your coding projects, as an integral part of the development process. There are tools out there which perform the static analysis described in the text. These are far removed from the early tools, which the book correctly describes as glorified grep. (That is, they were merely fancy parsers.) The tools are not definitive, as you are cautioned. Often, their greatest virtue can be to point out source code that should be subject to manual scrutiny. In a large code base, of hundreds of thousands of lines, this can be invaluable assistance. A quick comparative summary of various bug and security tools is also provided in Chapter 2. Specifically, Figure 2.2 is a nice qualitative summary of these tools. Various chapters of the book deal with problems also covered elsewhere, like finding buffer overflows, especially with string logic. The Web also is now a source of weaknesses in web applications that are weak in input and output validation. You have to carefully filter anything that you solicit as user input on a web page.