Scanning source code for security flaws: Three best practices - Software Quality Insights

Register

Forgot Password

Site FAQ

Home > IT Blogs > Software Quality Insights > Scanning source code for security flaws: Three best practices

» VIEW ALL POSTS Nov 3 2009 12:21AM GMT

Scanning source code for security flaws: Three best practices

Posted by: Jan Stafford

Here’s some quick advice on scanning source code for security flaws. Maty Siman, CTO of Checkmarx, shares his top three best practices for source code vulnerability inspection.

Scan early and scan often. “The beauty of not having a compiler-based approach is that code can be scanned any time, anywhere,” Siman said.
Use code analysis as a risk benchmark. Be sure your security-optimized code analysis practices and tools eliminate false positives, allowing auditors and CISOs to get a strong handle of enterprise risk.
Use code analysis to introduce a culture of security to development.

Remember, said Siman, “the best defense is a strong offense.”

Comment

RSS Feed

Email a friend

Comment on this Post

You must be logged-in to post a comment. Log-in/Register

Visit Software Quality Home | Software Quality News | Software Quality White Papers | Software Quality Videos | Software Quality Resources

Community Blog | About Us | Contact Us | FAQ | Terms of Use | DMCA Policy

TechTarget provides enterprise IT professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective IT purchase decisions and managing their organization's IT projects - with its network of technology-specific Web sites, events and magazines.

All Rights Reserved, Copyright 1999-2009, TechTarget | Read our Privacy Policy | Site Map

Scanning source code for security flaws: Three best practices

Comment on this Post

About the Blogger

Jan Stafford

Browse This Blog's Tags

Archives

Blog Roll

Subscribe to Alerts