WebApp Sec mailing list archives
Re: Tool for source code review
From: Adam Shostack <adam () homeport org>
Date: Tue, 20 Dec 2005 11:42:15 -0500
Are you looking for review tools, or analysis tools? I differentiate by saying that review tools are focused on collaboration and communication about what's been looked at. There are some emacs modes, but I'd be interested to learn about more. Adam On Mon, Dec 19, 2005 at 11:15:14AM -0800, Ambarish Malpani wrote: | | The most commonly used commercial tools names are: | | Fortify - www.fortifysoftware.com | Ounce Labs - www.ouncelabs.com | Secure Software - www.securesoftware.com | | | There is some free/open source software available too - depends on how | deep | a coverage you want. There is also the option of a bunch of consulting | companies..... | | Regards, | Ambarish | | | | > -----Original Message----- | > From: Pratiksha Doshi [mailto:pratiksha () nii co in] | > Sent: Monday, December 19, 2005 5:40 PM | > To: webappsec () securityfocus com | > Subject: Tool for source code review | > | > Hi All, | > | > Can anybody suggest with tools for source code review with | > security kept in mind. | > | > Thanks... | > Pratiksha | > | >
Current thread:
- Tool for source code review Pratiksha Doshi (Dec 19)
- RE: Tool for source code review Carl Davis (Dec 20)
- <Possible follow-ups>
- RE: Tool for source code review Ambarish Malpani (Dec 20)
- Re: Tool for source code review Adam Shostack (Dec 20)