- TalkBack 1 of 2:
- Next »
- Thread View
- Flat View
- Only problem with Fortify is...
-
... that it gives you sensless hints and does not have stop. It finds things like name of variable password and does not understand that it is a reference to some mapping (securrity indirection). It does not reciognize that credentials are for JUnit testing only and they are valid only in development environment for automated testing which means they are either configured locally in a file or even hardcoded for convenience. Of coyurse nobody sane deploys tests withy productio.... but some enviornments and some engineers (you would be surprised what positions they hold in corporations) are not quite sane.
Basically, you have to spend quite some time to teach it what is secure what is not in a particular environment. Other than that you could learn coding principles as well as design principles with a book and stop making common mistakes, but that would require "extermination" of dinosaurs who keep doing dumb things on purposee or from laziness or "beacuse we need fast change for operations and that would slow us down". - Posted by: FirstNLastN Posted on: 12/20/05 You are currently: a Guest | Members login | Terms of Use
Only problem with Fortify is...
FirstNLastN | 12/20/05
|
speaking of security
ejhonda | 12/21/05
|
What do you think?
SponsoredWhite Papers, Webcasts, and Downloads
- INNOV8 2.0: A Business Process Management Simulator IBM Innovate your business' process model, play against the market, compete ... Download Now
- Evaluating Price/Performance of VMware ESX Server on Dell PowerEdge Servers Dell This paper examines the price/performance advantage that enterprises can ... Download Now
- Wireless Lab Delivers Technology and a Better Education Dell Steve Spangler, assistant principal of Middlesboro Middle School in ... Download Now
Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors
- The Compelling Case for Conferencing
-
Read the whitepaper to discover the specific ways Unified Communications can improve your bottom line.
- Click to download >>
- New Online Dashboard for IT Leaders
-
Read about top issues IT decision-makers face every day, plus get cost-effective solutions to real-life IT problems.
- Learn more >>
- Keep Up With The Latest In Document Management with The DocuMentor.
-
Doc delivers the scoop on today's enterprise content management, printer maintenance, and all other issues related to document management. It's the DocuMentor Blog.
- Learn more >>
- Save time with automated shipping solutions
-
The Business Essentials Guide provides you useful tools and templates to help grow your business and save you time with automated shipping solutions.
- Visit the UPS Business Essentials Guide
- Microsoft Dynamics CRM Online - Free Six-Month Trial for Eligible Organizations
-
Microsoft Dynamics CRM Online provides fast online access, simple contact management and better sales performance for a low monthly cost - the best value on the market today.
- Learn more about the free, six-month trial offer >>
SmartPlanet
- Thought-provoking progressive ideas on diverse topics that intersect with technology, business, and life, and matter to the world at large. Visit SmartPlanet
- More from IBM
-
- How to Drive Better Business Outcomes with Exceptional Web Experiences Download the eBook
- Driving Business Agility through SOA Connectivity & Integration Read the White Paper from IBM
- Linking Decisions and Information for Organizational Performance Read the Tom Davenport study
