Isn't everyone's ID prime??
You should probably check out some of the open source static analysis tools:
http://en.wikipedia.org/wiki/List_of_tools_for_static_code_analysis
I wrote one that deals mostly with web applications:
http://www.yasca.org/
You should also get your hands on Acunetix Free Edition, which scans for XSS:
http://www.acunetix.com/cross-site-scripting/scanner.htm
Also grab yourself a copy of Software Security by Gary McGraw and Secure Programming with Static Analysis by Brian Chess and Jacob West.
Finally, if you want to outsource an assessment on the cheap (really), send me an e-mail.
You can view Senator Ford's bill records at: http://www.scstatehouse.gov/members/bios/0606818109.html
2009-2010: 0 of 68 passed (of course, this one just got started)
2007-2008: 2 of 66 passed
2005-2006: 5 of 54 passed
2003-2004: 14 of 63 passed
2001-2002: 2 of 29 passed
I don't think this bill has much chance of passing.
"Look! There! Evil!.. pure and simple, total evil from the Eighth Dimension!" -- Buckaroo Banzai