with Security, sometimes Sacrifies need to be made.

Static Code Analysis for the Enterprise

Tonight I gave a presentation to the local chapter of ISSA concerning Static Code Analysis (SCA) in an Enterprise environment.  The Static Code Analysis for the Enterprise presentation is not about how to technically perform SCA but rather what considerations need to be met in order to successfully accomplish building and maintaining a SCA program in an enterprise.  Is covers material such as what resources are needed to build a program, recommendations on interacting with developers and some issues that might be encountered when developing the SCA capability.

Comments are currently closed.