Code audit

From Wikipedia, the free encyclopedia
This is an old revision of this page, as edited by 41.239.3.213 (talk) at 00:19, 8 May 2011. The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

Guidelines

High-risk vulnerabilities

Low-risk vulnerabilities

Tools

Source code auditing tools (static analysis tools) generally match source code against patterns for common vulnerability classes, such as unbounded string copies or untrusted input reaching a dangerous library call, and each tool only understands specific programming languages. Because they work from patterns rather than from an understanding of what the program is meant to do, they produce both false positives and false negatives: a flagged call may be harmless in context, while a real flaw that matches no known pattern is missed. Such automated tools save time during an audit, but should not be relied on for an in-depth audit. Applying them as part of a policy-based approach throughout the development life cycle, rather than once at its end, is recommended.[1]
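As an added illustration (not code from this article or from any named auditing tool), the following Python script is a minimal pattern-based source code auditing tool of the kind described above. It flags a short list of dangerous C library calls, ignores calls that appear only in comments or string literals, and, by design, says nothing about the memcpy with an unchecked length in the sample, which is exactly the sort of flaw a pattern list misses. The sample C source, the call list and the function names are constructed for this example.

```python
import re
from dataclasses import dataclass

# Constructed sample C source for this example (not from any real project).
# Line 6 and line 11 contain real unbounded calls; line 4 and line 15 only
# mention them in a comment or a string; line 19 is a bug the tool cannot see.
SAMPLE_C = """\
#include <stdio.h>
#include <string.h>

/* strcpy(old, tmp);  legacy call kept in a comment, must not be flagged */
void copy_name(char *dst, const char *src) {
    strcpy(dst, src);          /* unbounded copy: should be flagged */
}

void read_line(void) {
    char buf[64];
    gets(buf);                 /* unbounded read: should be flagged */
}

void banner(void) {
    puts("never call gets() on untrusted input");  /* string literal, not a call */
}

void unchecked_memcpy(char *dst, const char *src, size_t n) {
    memcpy(dst, src, n);       /* n never validated: a bug the pattern list misses */
}
"""

# Hypothetical pattern list: C library calls with no destination length (or a
# shell behind them). A real tool ships hundreds of such rules per language.
DANGEROUS_CALLS = {
    "gets": "unbounded read into the caller's buffer; replace with fgets",
    "strcpy": "no destination length; replace with a bounded copy",
    "sprintf": "no destination length; replace with snprintf",
    "system": "passes a string to a shell; check where the argument comes from",
}

# \b stops 'fgets' matching 'gets'; \s*\( requires an actual call.
CALL_RE = re.compile(r"\b(" + "|".join(map(re.escape, DANGEROUS_CALLS)) + r")\s*\(")


@dataclass(frozen=True)
class Finding:
    line: int   # 1-based line number in the scanned source
    func: str   # the dangerous function that was called
    note: str   # why the rule fired
    text: str   # the offending source line, stripped


def _blank_out(match):
    """Replace a match with spaces but keep its newlines, so line numbers survive."""
    return re.sub(r"[^\n]", " ", match.group(0))


def strip_noise(src):
    """Erase block comments, line comments and string literals without changing line count."""
    src = re.sub(r"/\*.*?\*/", _blank_out, src, flags=re.S)
    src = re.sub(r"//[^\n]*", _blank_out, src)
    src = re.sub(r'"(?:\\.|[^"\\\n])*"', _blank_out, src)
    return src


def scan_c_source(src):
    """Return a Finding for every dangerous call in real code, in source order."""
    findings = []
    raw_lines = src.splitlines()
    clean_lines = strip_noise(src).splitlines()
    for lineno, (raw, clean) in enumerate(zip(raw_lines, clean_lines), start=1):
        for m in CALL_RE.finditer(clean):
            func = m.group(1)
            findings.append(Finding(lineno, func, DANGEROUS_CALLS[func], raw.strip()))
    return findings


if __name__ == "__main__":
    for f in scan_c_source(SAMPLE_C):
        print(f"line {f.line}: {f.func}(): {f.note}\n    {f.text}")
```

Running the script reports only lines 6 and 11. The commented-out strcpy and the quoted gets() are correctly skipped, but the memcpy with an attacker-controllable length is never mentioned, because no rule describes it. That silence is the reason the paragraph above warns against relying on such tools for an in-depth audit: they reduce the manual work, they do not replace it.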

See also

References

  1. Wayne Ariola, "Static analysis at the end of the SDLC doesn't work", SearchSoftwareQuality.com, September 22, 2008.