6.6 Summary

In this chapter, we discussed various ways to test and review applications for security. We looked at several tools and techniques that can make your job more effective and efficient. Unfortunately, there still aren't any truly mature, publicly available tools that can completely automate the review process, either at a design level or at an implementation level. Currently, tools provide a starting point to eliminate only the lowest hanging fruit in your reviews of applications. Although that's important to do, it means that we all need to be particularly thorough in augmenting the tools with human review of designs and implementations.

Now that we've reached the end of our last chapter, we will restate the most important message we want to leave with you.

To have a realistic chance of building software that cannot easily be subverted, you must not think of your application as being merely the compiled lines of code in front of you. You must, rather, adopt the notion of a holistic application system.

If you don't look at the entire set of components engaged during the execution of the application (including the server operating system, any supporting software, the network environment, and especially the real-life operations factors we've stressed so much), then whatever security measures you choose to adopt will eventually be surmounted by an attacker who does look at things that way.

If you do adopt this holistic view and successfully apply the principles we've presented throughout this book, your software will have a fighting chance to withstand the kinds of attacks that it must face today and, we believe, well into the future.