good code, secure software

It’s time to start being less reactive and more proactive

Skip to content

Home
About
Disclaimer

Tag Archives: Fortify

Teaching Fortify SCA About Confidential Data

In Cigital’s latest newsletter, I explain a few tips for gaining assurance that Fortify SCA is “seeing” code (specifically private or confidential data) the way you think it should be.

¶ Posted 24 November 2009 † mikeware § Fortify SCA ‡ Comments (0) ° Also tagged: Static Analysis

Search
Pages
- About
- Disclaimer

Categories
Tags

BSIMM CWE/SANS Top 25 entity expansion Fortify IO Chokepoints J2EE JSTL Maturity Module OWASP Top 10 Process regex Static Analysis Struts Trust validation Xerces XML XSS

blog.txt theme by Scott Allan Wallick