[WEB SECURITY] Open Source Code Analysis Tools

Mike Duncan Mike.Duncan at noaa.gov
Wed Apr 16 08:54:45 EDT 2008


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Fortify Software has a good one called SCA. It is part of a suite they
offer called 360, but overall it is very good. It is a plugin into an
IDE and supports many languages.

http://www.fortifysoftware.com


Truxaw, Matthew wrote:
> Can anyone point me in the direction of a good open source tool for
> automating code analysis for security issues?  In particular, I'd like
> one or more tools to scan our java and .net (C#) code base. 
>  
> Regards,
>  
> Matt
>  
> 
> **********************************************************************
> This message contains confidential information intended only for the use
> of the addressee(s) named above and may contain information that is
> legally privileged.  If you are not the addressee, or the person
> responsible for delivering it to the addressee, you are hereby notified
> that reading, disseminating, distributing or copying this message is
> strictly prohibited.  If you have received this message by mistake,
> please immediately notify us by replying to the message and delete the
> original message immediately thereafter.
> 
> Thank you.
> 
>                                                                                                                         
> FADLD Tag
> **********************************************************************
> 

- --
Mike Duncan
ISSO, Application Security Specialist
Government Contractor with STG, Inc.
NOAA :: National Climatic Data Center
151 Patton Ave.
Asheville, NC 28801-5001
mike.duncan at noaa.gov
828.271.4289
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFIBfcUnvIkv6fg9hYRAtA4AKCLw1FyX/4PAQ/wOWVZH8KF73B/QQCePq0c
UEwyJAQebFeDiLqqEgM6pmw=
=dUtu
-----END PGP SIGNATURE-----

----------------------------------------------------------------------------
Join us on IRC: irc.freenode.net #webappsec

Have a question? Search The Web Security Mailing List Archives: 
http://www.webappsec.org/lists/websecurity/

Subscribe via RSS: 
http://www.webappsec.org/rss/websecurity.rss [RSS Feed]



More information about the websecurity mailing list