1 |
US-CERT, OpenSSL 'Hea rtbleed' Vulnerability (CVE-2014-0160), https://www.us-cert.gov/ncas/alerts/TA14-098A
|
2 |
Ministry of the Interior and Safety, Guide of Validating Software Security Weakness for e-Government Software Validators, 2013
|
3 |
FindBugs, https://findbugs.sourceforge.net
|
4 |
PMD, https://pmd.github.io
|
5 |
Jiho Bang, Rhan Ha, Jung Whan Park, Pil Young Kang, Minimum Standard of Weakness in Development of Reliable e-GOV Software, Proceedings of Symposium of the Korean Institute of Communications and Information Sciences, 2012
|
6 |
Joonseon Ahn, Eunyoung Lee , Byeong-Mo Chang, A Study on Security Weakeness for Secure Software Development (SW 개발보안을 위한 보안약점 표준목록 연구), Journal of Korea Institute of Information Security and Cryptology
|
7 |
Jiho Bang, Trend in Open-source Security Vulnerability Detection Tools (공개용 소스코드 보안약점 분석도구 개발 동향), Internet and Security Focus, Korea Internet & Security Agency, May 2014
|
8 |
Ministry of the Interior and Safety, Manual on Validating Security Issues Using Open Source Tools for Software Developers and Validators (전자정부 SW 개발자, 진단원을 위한 공개SW를 활용한 소프트웨어 개발보안 진단가이드), 2016
|
9 |
Jiho Bang, Rhan Ha, Comparing Open Source Static Security Analysis Tools based on Software Weakness, Proceedings of Korea Computing Congress, June 2013
|
10 |
Joonseon Ahn, Ji-ho Bang, Eunyoung Lee, Quantitative Scoring Criteria on the Importance of Software Weaknesses, Journal of the Korea Institute of Information Security & Cryptology, 22(6), Dec. 2012
|
11 |
Jiho Bang, Rhan Ha, Evaluation Methology of Diagnostic Tool for Security Weakness of e-GOV Software, The Journal of the Korean Institute of Communication Sciences, 38(4), Apr. 2013
|
12 |
Yanghwan Park, Minkyung Kim, Policy of Secure Coding for Secure e-Government Software Development (전자정부 소프트웨어의 보안성 강화를 위한 개발보안 제도 연구), Review of KIISC, 26(1), Feb. 2016
|
13 |
LAPSE+, https://www.owasp.org/index.php/OWASP_LAPSE_PR OJECT
|
14 |
Kilho Lee, Information Security Enhancement Focusing On Secure Coding, Proceedings of the KIISE Winter Conference, Dec. 2016
|
15 |
Sukjin Kang, Jinyoung Choi, A Study on the Spread of Inspection Tools for the Secure Coding Culture, Proceedings of the KIISE Winter Conference, Dec. 2016
|
16 |
FindSecurityBugs,https://find-sec-bugs.gi thub.io
|
17 |
SonarQube, https://sonarqube.org
|
18 |
Jiho Bang, Rhan Ha, Validation Test Codes Development of Static Analysis Tool for Secure Software, Journal of the Korean Institute of Communic ation Sciences, 38(5), 2013
|