Chris Wysopal recently authored an article detailing static analysis that was featured in The Testing Planet. “What is Static Analysis?” provides a comprehensive and in depth yet understandable explanation of the ins and outs of static analysis. Using graphics and examples of code, Chris begins with the loading phase and travels through the Application Modeler, Application Analyzer, and the Reporter while detailing subjects as control flow, range propagation, and triggers and risk analysis. Data injection flaws, memory corruption, information leakage, integer overflows or underflows, as well as threading and race conditions are also covered. The article can be found in the March 2012 issue of The Testing Planet, here. You can access this article directly if you are a current subscriber to Testing Planet. If you are not a current subscriber, you will need to subscribe to The Testing Planet to access the article.

Proud to be one of Veracode’s first co-op employees, Zack is a student concentrating in management and marketing at Northeastern University. With this opportunity, he looks forward to the prospect of further developing the skills he has gained as a student and in other positions, positively contributing to Veracode’s marketing and sales efforts, and learning from and working with the Veracode marketing team!

Love to learn about Application Security?

Get all the latest news, tips and articles delivered right to your inbox.