What is Taint Checking?

November 1, 2016 Laurel Stewart

 
 
 
Taint checking? This isn't a trap, I promise. It sounds vulgar, but its etymology is perfectly reasonable, stemming from the notion that data that has been "tainted" by a malicious user (and could be used to breach your system) is a dangerous vulnerability in code and needs to be found and eliminated.
 
Wikipedia actually has a pretty clear definition of taint checking: 
"Taint checks highlight specific security risks primarily associated with web sites which are attacked using techniques such as SQL injection or buffer overflow attack approaches."
I'm assuming that those in the security auditing world of the 2016 cyber-security landscape have likely moved past and become immune to the chuckles of this unfortunately named technical term. But for the rest of us, I thought I might provide a clear overview, so you can start addressing this extremely important concept with confidence in the boardroom. Ready?
 
