Written by Liana Hadarean. In a recent blog post, Detecting Spectre vulnerability exploits with static analysis, we showed how developers can use static analysis to help protect their applications from the Spectre variant 1 vulnerability (bounds check bypass). Synopsys Software Integrity Group released a checker for Coverity (AUDIT.SPECULATIVE_EXECUTION_DATA_LEAK) that helps developers identify vulnerable code. The result is […]
Continue Reading...
Posted in Application Security, Featured, Static Analysis (SAST)
Every application security testing tool has advantages and disadvantages. No single solution can ensure you find and fix all vulnerabilities. But application security tools can complement one another and help you secure your applications in each stage of the software development life cycle (SDLC) and beyond. Here’s a quick overview of SAST, IAST, DAST, and […]
Continue Reading...
Posted in Dynamic Analysis (DAST), Featured, Infographic, Interactive Application Security Testing (IAST), Runtime Application Self-Protection (RASP), Static Analysis (SAST)
This is the first post in a three-part series on how you can maximize the impact of a static analysis solution by supporting developers and their goals. Aligning static analysis with development goals Application security responsibilities are shifting to the developer as organizations look to produce secure, high-quality software at a competitive pace. Because of […]
Continue Reading...
Posted in Application Security, Featured, Software Security Testing, Static Analysis (SAST)
