PRO+ Premium Content/Information Security magazine

January 2003

Software code review: Code testing to identify vulnerabilities

How many people spend thousands of hours developing a software solution, finally getting it to work, and then attempt to break it? Not many, apparently. The software industry is in a state of disarray as hackers continue to get the best of developers, finding vulnerabilities in places where no one remembers to look. Buffer overflows, SQL injection errors and covert channel attacks are just a few of the ways hackers can trip up the unsuspecting developer. And the "point-and-click" world has made these opportunities available to any kid with a computer hooked up to the Internet. The only way to address this problem is to play by hacker rules and beat them to the punch. In software development, this means attacking your own software: testing for failure.

Cenzic offers a tool, Hailstorm, that helps developers build security into their code. Why Hailstorm? Why go through the hassle and cost of rigorous security testing? Well, for one thing, the argument for securing code is more compelling than the excuses for failing to do so. It ...
