Page 6 - Cyber Warnings

Taint Analysis in CodeSonar
It comes back to taint analysis, which is an extremely useful technique to help anyone
performing a security audit better understand a program’s attack surface(s). Taint analysis is
performed automatically by CodeSonar as part of its regular set of analyses, and presented
visually within the CodeSonar interface to demonstrate how risky data can flow from one part of
a program to another.

Since taint can flow through the program in unexpected ways, it’s important to understand these
channels fully. In CodeSonar, the flow of tainted data can be visualized and program elements
involved in flows can be overlaid on top of the regular code view. This visualization helps
developers understand the risks of their code and aids them in deciding how best to change the
code to shut down the vulnerability. It helps security auditors understand at a high level how
taint is flowing through the code, in order to understand the attack surface.
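
To make one such unexpected channel concrete, the following C sketch is an added example, not code from the article or from GrammaTech, and it does not depict CodeSonar output. A length byte read from untrusted input is stored in a struct field and only later reaches `memcpy`, far from where it entered. The record layout, the function names and `NAME_CAP` are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define NAME_CAP 16  /* destination buffer size (constructed value) */

struct record {
    size_t name_len;       /* tainted: copied straight from the input */
    const uint8_t *name;   /* tainted: points into the input buffer */
    size_t avail;          /* bytes actually present after the length byte */
};

/* Taint source: every byte of msg is supplied from outside the program. */
int parse_record(const uint8_t *msg, size_t msg_len, struct record *out)
{
    if (msg == NULL || msg_len < 1)
        return -1;
    out->name_len = msg[0];   /* taint moves into a struct field here */
    out->name = msg + 1;
    out->avail = msg_len - 1;
    return 0;
}

/* Sink, unchecked: the length arrives via the struct, so nothing at this
 * call site looks like input handling, yet memcpy's size is tainted. */
void store_name_unchecked(const struct record *r, char dst[NAME_CAP])
{
    memcpy(dst, r->name, r->name_len);
    dst[r->name_len] = '\0';
}

/* Sink, hardened: the tainted length is checked against both buffers. */
int store_name_checked(const struct record *r, char dst[NAME_CAP])
{
    if (r->name_len >= NAME_CAP || r->name_len > r->avail)
        return -1;
    memcpy(dst, r->name, r->name_len);
    dst[r->name_len] = '\0';
    return 0;
}

int main(void)
{
    const uint8_t hostile[] = { 200, 'A' };  /* constructed: claims 200 bytes, carries 1 */
    struct record r;
    char dst[NAME_CAP];
    /* Exit status 0 means the hardened sink rejected the oversized length. */
    return (parse_record(hostile, sizeof hostile, &r) == 0 &&
            store_name_checked(&r, dst) == -1) ? 0 : 1;
}
```

The flow to follow is `msg[0]` to `record.name_len` to the third argument of `memcpy`; the check in `store_name_checked` is what ends that flow before the sink.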


Reducing Risk
The bottom line is that taint analysis is an effective method to reduce risk, by helping you
eliminate exploitable attack surfaces. So it's imperative that we get comfortable talking about it,
even if it has a less-than-ideal name.


About The Author
Laurel Stewart is the Director of Marketing at GrammaTech, where she has
followed the IoT trend from prediction to reality. With a technical
background and years of experience in marketing, she is committed to
providing software manufacturers with a clearer understanding of what is
required in this new cyber-security landscape.

Laurel can be reached online at https://www.grammatech.com

6 Cyber Warnings E-Magazine November 2016 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
