O.8 Software Security Analysis

From CyberEdWiki
Jump to: navigation, search

This knowledge unit ensures that students will possess the ability to analyze software for the presence of weaknesses that may lead to exploitable vulnerabilities in operational systems.

Specific topics to be covered in this knowledge unit include, but are not limited to:

  • Source code analysis
  • Binary code analysis
  • Static code analysis techniques
  • Dynamic code analysis techniques
  • Testing methodologies (Black Box/White Box/Fuzz)

Outcome: Students will be able to perform analysis of existing source code for functional correctness. Through the application of testing methodologies, students should be able to build test cases that demonstrate the existence of vulnerabilities. For example, students could apply industry standard tools that analyze software for security vulnerabilities.