When using Flawfinder, always analyze a copy of the source tree, not a directory that a developer (or anyone else) can modify while Flawfinder is running. If an attacker controls the files while you are analyzing them, they could move files around or change their contents to hide a security problem (or to create the impression of a problem where there is none). Also, do not use the --allowlink option in such cases; attackers could create malicious symbolic links to files outside the source code area (such as password files).

Organizations can protect themselves by following the simple steps we constantly talk about. They can ensure that anti-virus, anti-spyware and anti-malware applications are kept up to date and run routinely on workstations. They should make sure that applications and operating systems are up to date and patched. Lastly, an organization can subscribe to a cyber intelligence service, which can help it identify online threats, misrepresentations, or online fraud involving its brands.
Automated Audit Example: Flawfinder. (2013, December 08). Retrieved from Debian: http://www.debian.org/security/audit/examples/flawfinder
David, W. (n.d.). Flawfinder. Retrieved from Ubuntu Manuals: http://manpages.ubuntu.com/manpages/hardy/man1/flawfinder.1.html
Phillips, S., & Oriyano, G. (2010). Hacker Techniques, Tools, and Incident Handling. Jones & Bartlett Learning.