Source code audit tool
From: lupin (lupin9809_at_hotmail.com)
Date: 10/15/03
- Previous message: Gian Zas: "Re: Protecting code and data in Windows"
- Next in thread: Axelle Apvrille: "Re: Source code audit tool"
- Reply: Axelle Apvrille: "Re: Source code audit tool"
- Maybe reply: lupin: "Re: Source code audit tool"
- Reply: Jeff Williams _at_ Aspect: "Re: Source code audit tool"
- Reply: Robert Auger: "RE: Source code audit tool"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 15 Oct 2003 12:32:44 -0000 To: secprog@securityfocus.com('binary' encoding is not supported, stored as-is)
Hi,
I looking for a source code auditing tool in order to find vulnerabilities in WEB applications as early as possible in the developement cycle.
I would like to scan some JSP/servelts WEB application developped within WebSphere.
My questions are:
- Can we find some security vulnerabilty with a source code audit of java code? (Like for c/c++)
- If yes, Is there a tool in order to do that automaticly?
I've found the following applications:
- Sanctum AppScan
- SPI Dynamics WebInspect
- Kavado Scando
- OWASP Webscarab (open source)
Yes, they check the WEB application overall security but not directly in the source code!
Thank you in advance for your help.
Marc
- Previous message: Gian Zas: "Re: Protecting code and data in Windows"
- Next in thread: Axelle Apvrille: "Re: Source code audit tool"
- Reply: Axelle Apvrille: "Re: Source code audit tool"
- Maybe reply: lupin: "Re: Source code audit tool"
- Reply: Jeff Williams _at_ Aspect: "Re: Source code audit tool"
- Reply: Robert Auger: "RE: Source code audit tool"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
