Linux Today: Linux News On Internet Time.

developerWorks: Software Security Analysis with BogoSec

May 09, 2006, 10:45 (0 Talkback[s])
(Other stories by Dustin Kirkland, Loulwa Salem)

[ Thanks to An Anonymous Reader for this link. ]

"BogoSec is a source code metric tool that wraps multiple source code scanners, invokes them on its target code, and produces a final score that approximates the security quality of the code. This article discusses the BogoSec methodology and implementation, and illustrates the output of BogoSec when run on a number of test cases, including Apache Web server, OpenSSH, Sendmail, Perl, and others.

"The CERT Coordination Center (CERT/CC) reported 5,990 vulnerabilities in 2005 compared with 171 in 1995..."

Complete Story

Related Stories: