|
WebApp Sec
mailing list archives
Re: Tool for source code review
From: Adam Shostack <adam () homeport org>
Date: Tue, 20 Dec 2005 11:42:15 -0500
Are you looking for review tools, or analysis tools? I differentiate
by saying that review tools are focused on collaboration and
communication about what's been looked at. There are some emacs
modes, but I'd be interested to learn about more.
Adam
On Mon, Dec 19, 2005 at 11:15:14AM -0800, Ambarish Malpani wrote:
|
| The most commonly used commercial tools names are:
|
| Fortify - www.fortifysoftware.com
| Ounce Labs - www.ouncelabs.com
| Secure Software - www.securesoftware.com
|
|
| There is some free/open source software available too - depends on how
| deep
| a coverage you want. There is also the option of a bunch of consulting
| companies.....
|
| Regards,
| Ambarish
|
|
|
| > -----Original Message-----
| > From: Pratiksha Doshi [mailto:pratiksha () nii co in]
| > Sent: Monday, December 19, 2005 5:40 PM
| > To: webappsec () securityfocus com
| > Subject: Tool for source code review
| >
| > Hi All,
| >
| > Can anybody suggest with tools for source code review with
| > security kept in mind.
| >
| > Thanks...
| > Pratiksha
| >
| >
 By Date 
By Thread
Current thread:
|
Intro
