Channels ▼
RSS

Jolt Awards

Fresh Faces


June, 2005: The 15th Annual Software Development Jolt & Productivity Awards

Software Development

June 2005

SECURITY TOOLS


Barmak Meftah, VP, Engineering Arthur Do, Founder/Chief Architect


Source Code Analysis 3.0
Fortify Software

If I were in the marketing group of Palo Alto, Calif.–based Fortify Software, I'd have given this product a more hardball name, like Stonewall, Ironsides or Kevlar++. Why? Because this product can bulletproof your code against typical exploits such as buffer overflows or cross-scripting ploys.

The suite analyzes C, C++, Java, JSP, PL/SQL, C# and XML files, alone or grouped within an application, with a remarkable degree of understanding about what the code's doing in the context of the application. In addition to the typical buffer overflows, its user-extensible rules detect situations that spot-check manual security reviews often overlook.

Source Code Analysis 3.0 pinpoints security vulnerabilities throughout the code base, across processes, tiers and language boundaries. After-the-fact security audits can also be run at any time through the whole project.

The depth of the analysis can be a shock, but continued use will markedly change the way a team writes any new piece of code, because team members begin to anticipate what kinds of code the suite will pounce on. Over the long term, then, not only does this product buttress an organization's code, it also ups the game of developers themselves—a rare combination. Have security fears for your tiers? Then get Fortify-ed.

—Roland Racko

Productivity Award Winners

CounterPoint 1.0
Mirage Networks

Back in 1975, when the killer shark of the movie classic Jaws scared the popcorn out of moviegoers' hands, seafood restaurants around the country put up signs saying "Get Even. Eat a Fish." CounterPoint, from Austin, Tex.–based Mirage Networks, takes the same let-me-at-'em attitude toward network intruders. Clever manipulation of the Address Resolution Protocol (ARP) renders denial of service attacks, worms, scans and other rapidly progressing threats completely ineffective. Or, it can lure hacker types to sludge pots of slow response, impeding their reconnaissance of network assets.

CounterPoint does all this without needing software agents on workstations or servers, and without introducing any latencies in the network. Its administration interface is fast and lean, in keeping with its deadly seriousness.

—Roland Racko

ISA Server 2004
Microsoft

Microsoft's Internet Security and Acceleration Server may not be for dummies, but it is made simple. This advanced application-layer firewall, virtual private network (VPN) and Web cache solution improves network security and performance. We especially appreciated its simplified administration user interface that helps administrators avoid common security configuration errors through templates and wizards, context-sensitive task panes, advanced troubleshooting tools and an intuitive policy model that prevent configuration errors.

Don't be fooled by its ease of use—ISA is backed by tried-and-true technology that protects against a complex array of security threats through both stateful packet inspection and application-layer filtering of Internet protocols such as HTTP, VPN, SMTP, POP3, DNS, H.323, streaming media and RPC traffic.

—John Lam

POPFile .22.2
The POPFile Project; open source

POPFile is an open-source e-mail classification software that can filter messages into predefined categories, including a spam folder for spam filtering. It works with almost any operating system and e-mail client because it's written in Perl and runs a client-independent POP proxy. You can run POPFile as a local proxy on your PC for personal use or run it on a server for a group of users.

The POPFile e-mail-filtering proxy retrieves messages from your existing e-mail servers and then classifies them by adding additional information to the subject line or to the header. The e-mail clients retrieve the classified messages from the POPFile proxy; then POPFile automatically saves the messages to predefined folders based on the classification information in the subject or header. As with any other Bayesian-based filters, you need to manually train POPFile.

—Michael Yuan



Related Reading


More Insights






Currently we allow the following HTML tags in comments:

Single tags

These tags can be used alone and don't need an ending tag.

<br> Defines a single line break

<hr> Defines a horizontal line

Matching tags

These require an ending tag - e.g. <i>italic text</i>

<a> Defines an anchor

<b> Defines bold text

<big> Defines big text

<blockquote> Defines a long quotation

<caption> Defines a table caption

<cite> Defines a citation

<code> Defines computer code text

<em> Defines emphasized text

<fieldset> Defines a border around elements in a form

<h1> This is heading 1

<h2> This is heading 2

<h3> This is heading 3

<h4> This is heading 4

<h5> This is heading 5

<h6> This is heading 6

<i> Defines italic text

<p> Defines a paragraph

<pre> Defines preformatted text

<q> Defines a short quotation

<samp> Defines sample computer code text

<small> Defines small text

<span> Defines a section in a document

<s> Defines strikethrough text

<strike> Defines strikethrough text

<strong> Defines strong text

<sub> Defines subscripted text

<sup> Defines superscripted text

<u> Defines underlined text

Dr. Dobb's encourages readers to engage in spirited, healthy debate, including taking us to task. However, Dr. Dobb's moderates all comments posted to our site, and reserves the right to modify or remove any content that it determines to be derogatory, offensive, inflammatory, vulgar, irrelevant/off-topic, racist or obvious marketing or spam. Dr. Dobb's further reserves the right to disable the profile of any commenter participating in said activities.

 
Disqus Tips To upload an avatar photo, first complete your Disqus profile. | View the list of supported HTML tags you can use to style comments. | Please read our commenting policy.
 

Jolt Awards Video