Ask the Expert

Scanning vs. manual audits of software

What are some automated open source tools that can scan for flaws in software?

I am not aware of any open source tools that perform this function. All of the tools I have seen are commercial: Fortify, Coverity and Agitar.

I think it is also important to note that scanning cannot totally replace manual audits. Tools can remove some of the labor involved but cannot replace human intuition in detecting and extrapolating how a bug or flaw might be exploited and/or fixed.

This was first published in August 2006
