Mushi, Magreth Jubilate2019-12-192020-01-072019-12-192020-01-072008Mushi, M.J.(2008) Development of in-house applications security analyzer (iasa), Master dissertation, University of Dar es Salaam. Dar es Salaam.http://localhost:8080/xmlui/handle/123456789/1232Available in print copyIn-house developed applications security has become a major concern in recent years. Hackers are using new techniques to gain access to sensitive data, disable applications and administer other malicious activities aimed at the applications. The need to secure applications is imperative for use in today's world. Until recently, applications security was an afterthought; developers were typically focused on functionality and features, waiting to implement security at the end of development. This approach to applications security has proven to be disastrous; much vulnerability has gone undetected allowing applications to be attacked and damaged. From Chapter two, it is clear that, developers are not effective in ensuring security is implemented in in-house developed applications, while at the same time most IT professionals (84.5%) employed in organizations have less than 5 years of IT experience, which is not enough to ensure that the applications developed and installed in their systems are secure. The study was about analyzing in-house developed applications to determine possible flaws in those applications and design and implement an analyzer which will be used to scan the application codes, discover the possible flaws and provide recommendations on how to mitigate them. A tool named Meg Application Analyzer has been developed specifically for this task. Meg Application Analyzer uses static analysis to inspect Java byte code for occurrences of bug patterns. Static analysis means that Meg Application Analyzer can find bugs by simply inspecting a program's code; executing the program is not necessary, which makes it very easy to use.entanzaniasecurityDevelopment of in-house applications security analyzer (iasa)Thesis