It's been a while since Brian or I posted anything about Secure Programming with Static Analysis, and Gary McGraw's mention of the book in his recent article on Dark Reading seems like as good an excuse as any. Gary concludes his post, The Truth Behind Code Analysis, with the following:
"If you’re interested in static analysis for security (and you should be), buy and read Secure Programming with Static Analysis by Brian Chess and Jacob West."
The book was also reviewed in a recent blog post by the folks over at the Denim Group.
And the following are just a few of the other relevant mentions it has received:
- SDTimes
- Dr. Dobb's Journal
- Sylvan von Stuppe
- Justice League (Cigital)
- SANS
- Deep Inside | Security & Tools
I've also been (pleasantly) surprised by how much interest we've gotten in the warez scene. I won't post those links, however.






