Webcast’s Post Notes: Visual Studio 2005 and Code Scanning Tools

In today’s webcast we had the opportunity to explore the buffer overrun attack in depth which is considered one of the worst vulnerabilities that exist.  Any code that is written in C or C++ –without proper security code reviews–on any platform is susceptible to buffer overrun.  It is becoming easier and easier to create shell code to pass as a parameter to our C or C++ code.  For example, Kevin Lam –lead author of Assessing Network Security book–showed everyone the http://metasploit.com/shellcode.html web site.


Go to my blog to read the rest…..

Comments (0)