December 5th, 2002, 09:57 PM
Automatic security scanning
Hi. Are there any tools out there that are efficient in checking the code for buffer overflows? I was in one discussion lately and one person claimed that there is no need for signature detection systems or anomaly detection systems for checking for buffer overflows since there are programs that do it offline and then the program is free from buffer overflows and hence there is no need for dynamic analysis. Anybody has a clue?
December 5th, 2002, 10:25 PM
Dont know about buffer overflows in particular but http://www.cigital.com/its4/ have software to check the security of c/c++ source code.