Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Code reviews

From: Andre Rodrigues <acastanheira2001 () yahoo com br>
Date: Fri, 20 Feb 2009 06:03:48 -0800 (PST)
Hi there,

I do the same questions to the JEE (jAVA) realm.


Thanks,
André


--- On Thu, 2/19/09, David Felio <david () ark org> wrote:


From: David Felio <david () ark org>
Subject: Re: Code reviews
To: "Alex Fiuvertiz" <fiuvertiz () gmail com>, security-basics () securityfocus com
Date: Thursday, February 19, 2009, 3:16 PM
Don't know what features you are looking for, but have
you looked at  
CAT and FxCop? Both free from MS. Both do static code
analysis.

FxCop:
http://msdn.microsoft.com/en-us/library/bb429476(VS.80).aspx
CAT:
http://blogs.msdn.com/cisg/archive/2008/12/22/security-code-review-using-cat-net-part-1.aspx


On Feb 18, 2009, at 5:29 AM, Alex Fiuvertiz wrote:


Hi there,

Are there any open source tools that are worth using

when it comes to

source code reviews against .NET/C#?
Or is a commercial way the only good way?

Thanks, Alex
Previous By Date Next
Previous By Thread Next

Current thread: