Sunday, 17 May 2009

Busting the Fortify Myth

« XSS for Fun (and profit?) | Main | HPP and Fortify »

Weird stuff happens when people make software. Sometimes that's because of complexity and unintended consequences, but sometimes it's because the people making the software are just weird. This video is about extending Fortify 360 Server to automatically assign vulnerabilities to the right developer. You might not think that would require any exploding toilets or a car dressed up like a space shuttle, but that's why you need to watch the video.

Busting the Fortify Myth from Brian Chess on Vimeo.

Posted by bchess at 5:11 PM in Fortify

Responses (0)

[Trackback URL for this entry]

Your comment:

Author (*):

E-mail:

URL:

Comment (*):

Remember me?

SCode: (*)

Generate another code
SCode

SCode

Please enter the code as seen in the image above to post your comment.

Live Comment Preview:

Subscribe

Feedburner (RSS)

Local (RSS)

Local (RSS v2.0)

Local (Atom)
Recent Posts
- Back to All Posts
Categories
About

Fortify Software
Fortify Resources

Software Security Resources

Products and Services
Recommended Blogs
- Justice League
- Schneier on Security
- SecurityFix
- CERIAS
- Security Curve
- 1 Raindrop
- Michael Howard's Weblog
- Computer Security
- A Passion for .NET Security
- Emergent Chaos
Meet the Bloggers
- Brian Chess
- Jacob West
- Roger Thornton
- Yekaterina Tsipenyuk
- Fredrick Lee
- Matias Madou
- Eddie Lee
- Joy Forsythe
- Jonathan Carter
Recommended Books
- Secure Programming with Static Analysis
  by Brian Chess and Jacob West
- Security Metrics: Replacing Fear, Uncertainty, and Doubt
  by Andrew Janquith
- Building Secure Software: How to Avoid Security Problems the Right Way
  by John Viega and Gary McGraw
- IEEE Security & Privacy Magazine
- How to Break Software Security
  by J. Whittaker and H. Thompson
- Security Engineering
  by Ross Andersen
- Software Security: Building Security In
  by Gary McGraw
- The Security Development Lifecycle
  by Michael Howard and Steve Lipner
- The Shellcoder's Handbook: Discovering and Exploiting Security Holes
  by Jack Koziol, David Litchfield, Dave Aitel, Chris Anley, Sinan "noir" Eren, Neel Mehta, Riley Hassell
- Writing Secure Code, 2nd ed.
  by M. Howard and D. LeBlanc