Re: calling all software security tool vendors/freeware/open source project leads
From: Ashish Popli (apopli_at_gmail.com)
To: firstname.lastname@example.org Date: Fri, 01 Apr 2005 23:30:46 -0500
David A. Wheeler wrote:
> My flawfinder home home at http://www.dwheeler.com/flawfinder
> links to a number of tools & papers for static source code
> analysis to find security flaws.
> Until Arian Evans' master list is available at OWASP,
> if you're looking for information that might be a
> good place to start. (Arian Evans is already aware of this.)
> Arian: I suggest that you list not just the tools
> themselves, but also (some) papers about the tools.
> Many of the people looking at the tools will want to
> read reviews of the general technology & of specific tools.
> You won't be able to list all papers, but a starting
> point for people would be very helpful.
> --- David A. Wheeler
A good introductory article on static analysis of source code for
analyzing security issues can be found at