A question is in my mind everywhen I see a
vulnerability disclosure. I want to know how a person
finds a security vulnerability in a software. Is there
a regular way?
Suppose that I am technical chair of a software group
and we have a software that security consideration
is important for us. How can I test our software to
ensure that no security vulnerabilities (like buffer
overflow vuln) exists in our software product. Or it
is question for me how for example eEye find many
vulnerabilities in software products. Is there a
regular and formal way? Is there some tools, technics,
method, ... for this purpose, for finding a
vulnerability in a software?
Do you Yahoo!?
New and Improved Yahoo! Mail - Send 10MB messages!
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html