
	Home > Ask the Enterprise Linux Experts > Security Questions & Answers > Scanning vs. manual audits of software

Ask The Enterprise Linux Expert: Questions & Answers

EMAIL THIS

Scanning vs. manual audits of software

EXPERT RESPONSE FROM: James Turnbull

		Pose a Question

		Other Enterprise Linux Categories

		Meet all Enterprise Linux Experts
		Become an Expert for this site

Digg This!

StumbleUpon

Del.icio.us

QUESTION POSED ON: 08 August 2006
What are some automated open source tools that can scan for flaws in software?

EXPERT RESPONSE
I am not aware of any open source tools that perform this function. All of the tools I have seen are commercial: Fortify, Coverity and Agitar.

I think is also important to note that scanning cannot totally replace manual audits. Tools can remove some of the labor involved but cannot replace human intuition in detecting and extrapolating how a bug or flaw might be exploited and/or fixed.

Digg This!

StumbleUpon

Del.icio.us

RELATED RESOURCES

	2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems
	Search Bitpipe.com for the latest white papers and business webcasts
	Whatis.com, the online computer dictionary

Search and Browse the Expert Answer Center
Search and browse more than 25,000 question and answer pairs from more than 250 TechTarget industry experts.

Browse our Expert Advice
Operating Systems IT Management Networking Database	Security Servers and Storage Applications and Development Career Center

SEARCH

TechTarget provides enterprise IT professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective IT purchase decisions and managing their organizations' IT projects - with its network of technology-specific Web sites, events and magazines.


TechTarget Corporate Web Site \| Media Kits \| Reprints \| Site Map All Rights Reserved, Copyright 2003 - 2008, TechTarget \| Read our Privacy Policy