Slashdot stories can be listened to in audio form via an RSS feed, as read by our own robotic overlord.

 



Forgot your password?
typodupeerror

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×

+ - Are code analysis tools always correct? ->

Submitted by Anonymous Coward
An anonymous reader writes "I work at a company that makes software for call center optimization. Recently my boss arranged for my code to be tested by IBM AppScan tools for cross site scripting vulnerabilities. It found 233 of them, but most of them are false positives. Now my boss won't ship my code and has inserted an extra level of oversite on my outputs. No doubt other developers have experienced what I have, being smarter than IBM isn't hard after all, but I'm not sure how to convince my boss of this. Any tips?"
Link to Original Source
This discussion was created for logged-in users only, but now has been archived. No new comments can be posted.

Are code analysis tools always correct?

Comments Filter:

Parts that positively cannot be assembled in improper order will be.

Working...