<div>
<div class="content wysiwyg-content">
Hi to all of you,<br />
I need your advice since I'm not a programmer.<br />
The security manager needs a software to analyze the code produced by our development team . This is a procedure he wants to implement before publishing web projects on the internet.<br />
Based on your experience can you reccomend a software that gives good and easy to read reports.<br />
This is where I started<br />
<a href="http://en.wikipedia.org/wiki/List_of_tools_for_static_code_analysis" rel="ugc">http://en.wikipedia.org/wiki/List_of_tools_for_static_code_analysis</a><br />
<br />
Thank you<br />
Carlo
</div>
</div>


Hi to all of you,
I need your advice since I'm not a programmer.
The security manager needs a software to analyze the code produced by our development team . This is a procedure he wants to implement before publishing web projects on the internet.
Based on your experience can you reccomend a software that gives good and easy to read reports.
This is where I started
http://en.wikipedia.org/wiki/List_of_tools_for_static_code_analysis

Thank you
Carlo

Static code analisys tools, your consideration

Programming includes both the specifics of the language you’re using, like Visual Basic, .NET, Java and others, but also the best practices in user experience and interfaces and the management of projects, version control and development. Other programming topics are related to web and cloud development and system and hardware programming.

Programming

A programming language is a formal constructed language designed to communicate instructions to a machine, particularly a computer. Thousands of different programming languages have been created, mainly in the computer field, and many more still are being created every year. The description of a programming language is usually split into the two components of syntax (form) and semantics (meaning). Some languages are defined by a specification document (for example, the C programming language is specified by an ISO Standard), while other languages (such as Perl) have a dominant implementation that is treated as a reference. Some languages have both, with the basic language defined by a standard and extensions taken from the dominant implementation being common.

Programming Languages-Other

A scripting language is a programming language that supports scripts, programs written for a special run-time environment that automate the execution of tasks that could alternatively be executed one-by-one by a human operator. Scripting languages are often interpreted (rather than compiled). Primitives are usually the elementary tasks or API calls, and the language allows them to be combined into more complex programs. Environments that can be automated through scripting include software applications, web pages within a web browser, the shells of operating systems (OS), embedded systems, as well as numerous games. A scripting language can be viewed as a domain-specific language for a particular environment; in the case of scripting an application, this is also known as an extension language.

Scripting Languages

Security is the protection of information systems from theft or damage to the hardware, the software, and the information on them, as well as from disruption or misdirection of the services they provide. The main goal of security is protecting assets, and an asset is anything of value and worthy of protection.  Information Security is a discipline of protecting information assets from threats through safeguards to achieve the objectives of confidentiality, integrity, and availability or CIA for short. On the other hand, disclosure, alteration, and disruption (DAD) compromise the security objectives.

Security

A vulnerability is a weakness which allows an attacker to reduce a system's information assurance. Vulnerability is the intersection of three elements: a system susceptibility or flaw, attacker access to the flaw, and attacker capability to exploit the flaw. To exploit a vulnerability, an attacker must have at least one applicable tool or technique that can connect to a system weakness, known as the attack surface. Vulnerability management is the cyclical practice of identifying, classifying, remediating, and mitigating vulnerabilities. Other vulnerabilities include security risks, security defects and constructs in programming languages that are difficult to use properly.