NIST, helping find the flaws so the bad guys won’t.
From Gov Info Security:
A new report from the National Institute of Standards and Technology (NIST) examines static analyzers, software that identifies weaknesses in other programs that could be triggered accidentally or exploited by hackers.
The report, SP- 500-279, will help toolmakers assess their products’ ability to find security defects in other software, according to NIST. Eight tool developers, along with a ninth team of professional human reviewers, participated in the Static Analysis Tool Exposition, or SATE, an exercise by NIST and static analyzer vendors that began in February 2008 to improve the performance of these tools.
Every little bit helps.
