Secure Coding mailing list archives
SPI, Ounce Labs Target Poorly Written Code
From: "Kenneth R. van Wyk" <Ken () KRvW com>
Date: Mon, 28 Jun 2004 21:53:25 +0100
FYI, a couple of announcements from SPI Dynamics and Ounce Labs hit eWeek.com today -- see http://www.eweek.com/article2/0,1759,1617901,00.asp for the full text. According to the article, SPI Dynamics has released its "SecureObjects" product, which is a series of (presumably) securely written objects that developers can make use of for performing various security-related tasks (e.g., input validation) in their code. The article quotes SPI Dynamics' CTO as saying, "It doesn't require developers to learn about security," which strikes me as being a rather bold statement. Meanwhile, Ounce Labs has put out a new version of its Prexis source code scanner. It currently scans C and C++, but the article says that a Java version will be available in July. Reports of user experiences with these tools would be appreciated here. Cheers, Ken P.S. Anyone interested in seeing a bit of Budapest can check out some of the shots I took while I was there at http://www.vanwyk.org/ken/galleries.php -- KRvW Associates, LLC http://www.KRvW.com
Current thread:
- SPI, Ounce Labs Target Poorly Written Code Kenneth R. van Wyk (Jun 28)
- Re: SPI, Ounce Labs Target Poorly Written Code Blue Boar (Jun 29)
- Re: SPI, Ounce Labs Target Poorly Written Code Crispin Cowan (Jun 30)
- <Possible follow-ups>
- RE: SPI, Ounce Labs Target Poorly Written Code Peter Amey (Jun 29)
- RE: SPI, Ounce Labs Target Poorly Written Code ljknews (Jun 29)
- Re: SPI, Ounce Labs Target Poorly Written Code Blue Boar (Jun 29)
- Re: SPI, Ounce Labs Target Poorly Written Code James Walden (Jun 30)
- Re: SPI, Ounce Labs Target Poorly Written Code Blue Boar (Jun 29)