Jacob West and I are proud to announce that our book, Secure Programming
with Static Analysis, is now available.
http://www.amazon.com/dp/0321424778
The book covers a lot of ground.
* It explains why static source code analysis is a critical part of a secure
development process.
* It shows how static analysis tools work, what makes one tool better than
another, and how to integrate static analysis into the SDLC.
* It details a tremendous number of vulnerability categories, using
real-world examples from programs such as Sendmail, Tomcat, Adobe Acrobat,
Mac OSX, and dozens of others.
We'd like to thank the many members of the sc-l list who helped us out with
the book in one way or another, including:
Pravir Chandra
Gary McGraw
Katrina O'Neil
John Steven
Ken van Wyk
Regards,
Brian and Jacob
_______________________________________________
Secure Coding mailing list (SC-L) SC-L@securecoding.org
List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
List charter available at - http://www.securecoding.org/list/charter.php
SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com)
as a free, non-commercial service to the software security community.
_______________________________________________
