Following the White Rabbit Blog » All Tags » testing » security (RSS)

Browse by Tags

Following the White Rabbit Blog

Syndication

Archives

Static Code Analysis Failures

Static code analysis failures are costing enterprises money and reputation. White-box security testing is inherently a flawed proposition for many reasons -but it all comes down to a very simple concept: Machines do not execute source code, they execute...

Published 05-06-2008 4:32 PM by Rafal Los

Filed under: security, testing, static code analysis, whitebox, data-flow analysis, hybrid analysis, dynamic analysis
"Security Vulnerability" != "Defect" ; why?

It's one of those obvious things. A defect is a defect, right? Whether the airbag is faulty, or the gas cap doesn't hold pressure... a defect is a defect. The strange thing is - it hasn't been that way, and still isn't that way, in most...

Published 04-01-2008 10:18 AM by Rafal Los

Filed under: defects, vulnerabilities, security, functional specification, quality, testing, development

Powered by Community Server (Non-Commercial Edition), by Telligent Systems

Information disclosed in this community becomes public. Exercise caution when deciding to disclose your personal information. HP reserves the right, but is not obligated to, edit or remove your comment if it contains personally identifiable information or other content HP deems unacceptable. Opinions expressed are your personal opinions or those of the original authors, and not of HP. Please see HP's web Terms of Use for more details.

Privacy statement | Using this site means you accept its terms

Browse by Tags

Syndication

Recent Posts

Tags

Archives

Static Code Analysis Failures

"Security Vulnerability" != "Defect" ; why?