Michael S Hines [mailto:[EMAIL PROTECTED] writes:

 > Product integration - why have an editor, separate source code analizer,
 > separate 'lint' product, compiler, linker, object code analyzer, Fuzz
 > testing tools, etc...    apart from marketing and revenue stream - it
 > doesn't help the developer any.

It may.  IME, "all-in-one" products usually integrate the pieces well.  On the 
other claw, they don't tend to do most, if any, of the pieces well.  On the 
third hand, "integration" doesn't have to mean they're no longer "separate".  
They can "play nicely together" if they adhere to relevant standards for 
interoperability.  Witness how you can develop a lot of software without 
leaving Emacs, or Eclipse.

However, I don't think that's all that relevant to software security in 
particular, as opposed to software development in general.


Dave Aronson
"Specialization is for insects."  -Heinlein
Work: http://www.davearonson.com/
Play: http://www.davearonson.net/

Secure Coding mailing list (SC-L) SC-L@securecoding.org
List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
List charter available at - http://www.securecoding.org/list/charter.php
SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com)
as a free, non-commercial service to the software security community.

Reply via email to