Integration of some of the static techniques found in tools like fortify into
compilers does make sense. However, not all of the kinds of things should be
put in the compiler (how many coders do you know that use the -Wall??!). So
one use case for some of the knowledge would be compiler
Sure it should be built into the language, and I assume it will be
eventually. Heck it only took 30 or 40 years for people to force developers
to use Try...Catch blocks.
-gp
On 12/21/06 9:30 AM, McGovern, James F (HTSC, IT)
[EMAIL PROTECTED] wrote:
I have been noodling the problem space of
McGovern, James F \(HTSC, IT\)
I have been noodling the problem space of secure coding after attending
a wonderful class taught by Ken Van Wyk. I have been casually checking
out Fortify, Ounce Labs, etc and have a thought that this stuff should
really be part of the compiler and not a
Katholieke Universiteit Leuven organizes an intensive course on secure
application development for experienced software practitioners, in
partnership with Solvay Business School and L-Sec (Leuven Security
Excellence Consortium), from February 26th to March 2nd 2007.
The course is aimed at
