Source Code Security archives - Software Quality Insights

Register

Forgot Password

Site FAQ

Home > IT Blogs > Software Quality Insights >

Software Quality Insights:

source code security

Nov 3 2009 12:21AM GMT

Scanning source code for security flaws: Three best practices

Posted by: Jan Stafford

Here’s some quick advice on scanning source code for security flaws. Maty Siman, CTO of Checkmarx, shares his top three best practices for source code vulnerability inspection.

Scan early and scan often. “The beauty of not having a compiler-based approach is that code can be scanned any time, anywhere,” Siman said.
Use code analysis as a risk benchmark. Be sure your security-optimized code analysis practices and tools eliminate false positives, allowing auditors and CISOs to get a strong handle of enterprise risk.
Use code analysis to introduce a culture of security to development.

Remember, said Siman, “the best defense is a strong offense.”

0 Comments

RSS Feed

Email a friend

Community Blog | About Us | Contact Us | FAQ | Terms of Use | DMCA Policy

TechTarget provides enterprise IT professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective IT purchase decisions and managing their organization's IT projects - with its network of technology-specific Web sites, events and magazines.

All Rights Reserved, Copyright 1999-2009, TechTarget | Read our Privacy Policy | Site Map

Software Quality Insights:

source code security

Scanning source code for security flaws: Three best practices

About the Blogger

Jan Stafford

Browse This Blog's Tags

Archives

Blog Roll

Subscribe to Alerts