Translation and Dictionary
Code audit: English Wikipedia edition
Code audit
A software code audit is a comprehensive analysis of source code in a programming project with the intent of discovering bugs, security breaches or violations of programming conventions. It is an integral part of the defensive programming paradigm, which attempts to reduce errors before the software is released. C and C++ source code is the most common code to be audited since many higher-level languages, such as Python, have fewer potentially vulnerable functions (e.g., functions that do not check bounds).
== Guidelines ==
When auditing software, every critical component should be audited separately and together with the entire program. It is a good idea to search for high-risk vulnerabilities first and work down to low-risk vulnerabilities. Vulnerabilities in between high-risk and low-risk generally exist depending on the situation and how the source code in question is being used. Application penetration testing tries to identify vulnerabilities in software by launching as many known attack techniques as possible on likely access points in an attempt to bring down the application. This is a common auditing method and can be used to find out if any specific vulnerabilities exist, but not where they are in the source code. Some claim that end-of-cycle audit methods tend to overwhelm developers, ultimately leaving the team with a long list of known problems, but little actual improvement; in these cases, an in-line auditing approach is recommended as an alternative.

Excerpt source: Wikipedia, the free encyclopedia

Copyright(C) kotoba.ne.jp 1997-2016. All Rights Reserved.