Sunday, August 26, 2007


Secure Coding Practices

Many security practitioners are starting to embrace the notion of Secure Coding practices where they use tools from vendors such as Coverity, Ounce Labs, Fortify Software and others.

The interesting thing is that they treat the notion of dead code detection almost as a second class citizen. Maybe the first action item should be for those vendors to figure out how to put into the same box, code coverage tools...

Listed below are several tools that can help (of course, we should assume open source and spell out when closed):

For Java:

MutationTesting: (which isn't really CodeCoverage, but it's related)

for .NET (DotNet):


Links to this post:

Create a Link

<< Home
| | View blog reactions

This page is powered by Blogger. Isn't yours?