Software Integrity Blog

Archive for the 'Quality & Compliance' Category

 

Coverity release ties in well to the latest MITRE CWE Top 25

MITRE’s 2019 CWE Top 25 list contains many code quality issues that can result in security vulnerabilities. Static analysis can help you mitigate them.

Continue Reading...

Posted in Quality & Compliance, Security Standards and Compliance, Static Analysis (SAST) | Comments Off on Coverity release ties in well to the latest MITRE CWE Top 25

 

Quantifying software quality risks in tech M&A

Tech M&A typically evaluates security and legal risks, but what about software quality risks? Poor code and architecture quality can have a lasting impact.

Continue Reading...

Posted in Mergers & Acquisitions, Quality & Compliance, Software Architecture and Design | Comments Off on Quantifying software quality risks in tech M&A

 

The False Claims Act: 156 years old and newly relevant to software security

We recently saw the first settlement by a company charged under the False Claims Act for failing to meet cyber security standards. Is there more to come?

Continue Reading...

Posted in Quality & Compliance, Security Standards and Compliance | Comments Off on The False Claims Act: 156 years old and newly relevant to software security

 

Let’s Talk Licenses: Beware the Beerware License

Many companies are relaxed about reusing software under the Beerware License and similar open source licenses. But not all such licenses are created equal.

Continue Reading...

Posted in Mergers & Acquisitions, Quality & Compliance | Comments Off on Let’s Talk Licenses: Beware the Beerware License

 

Awash in regulations, companies struggle with compliance

The list of regulatory compliance challenges facing companies grows longer every time a new regulation is introduced. But do security regulations even work?

Continue Reading...

Posted in Quality & Compliance | Comments Off on Awash in regulations, companies struggle with compliance

 

Software quality: It can be a matter of life and death

Safety-critical software powers everything from airplanes to power plants, defib machines, and seatbelts. And quality issues can lead to injury and death.

Continue Reading...

Posted in Quality & Compliance | Comments Off on Software quality: It can be a matter of life and death

 

Apollo 11 software lessons still relevant today

What did Apollo 11 teach us about software development? Coding practices have changed since 1969, but the lessons learned from the moon mission still hold.

Continue Reading...

Posted in Quality & Compliance | Comments Off on Apollo 11 software lessons still relevant today

 

Hard questions raised when a software ‘glitch’ takes down an airliner

The parts and systems on an airplane don’t have to fail in a big way to have big consequences. A flaw in airline software could be a matter of life or death.

Continue Reading...

Posted in Quality & Compliance | Comments Off on Hard questions raised when a software ‘glitch’ takes down an airliner

 

Climbing Mount MISRA: Which route is right for you?

Bypassing compliance with MISRA standards is kind of like asking someone to climb the Half Dome without any sort of harness. Choose your path carefully.

Continue Reading...

Posted in Quality & Compliance, Security Standards and Compliance | Comments Off on Climbing Mount MISRA: Which route is right for you?

 

Is your software MISRA clean?

“Scalpel.”

Continue Reading...

Posted in Quality & Compliance, Security Standards and Compliance | Comments Off on Is your software MISRA clean?