A programmer, even a good pro- grammer, can produce insecure code. Not because of a mental slip-up, but simply because the programmer is focusing on solving the problem at hand (and meeting a deadline) rather than safeguarding that code from exploitation by some hypothetical hacker. But, as the Blaster worm's mayhem emphasized, software must do more than simply work well ― it must run securely. HBGary's BugScan is a static program analysis tool that locates an application's potential security problems, sections of code that could be attacked to crash the applications and, possibly, the host system.
展开▼