FYI, a couple of announcements from SPI Dynamics and Ounce Labs hit 
today -- see,1759,1617901,00.asp for the full 

According to the article, SPI Dynamics has released its "SecureObjects" 
product, which is a series of (presumably) securely written objects that 
developers can make use of for performing various security-related tasks 
(e.g., input validation) in their code.  The article quotes SPI Dynamics' CTO 
as saying, "It doesn't require developers to learn about security," which 
strikes me as being a rather bold statement.

Meanwhile, Ounce Labs has put out a new version of its Prexis source code 
scanner.   It currently scans C and C++, but the article says that a Java 
version will be available in July.

Reports of user experiences with these tools would be appreciated here.



P.S. Anyone interested in seeing a bit of Budapest can check out some of the 
shots I took while I was there at

KRvW Associates, LLC

Reply via email to