Software Integrity

Archive for the 'Security Standards and Compliance' Category

 

Webinar: What will GDPR requirements mean for your security initiative?

If your organization competes in the global market, expect GDPR to have a critical influence on the software that powers your business. Having a disciplined software security strategy will help you not only identify, remediate, and prevent vulnerabilities in your software but also avoid violating GDPR. Listen as experts Adam Brown of Synopsys and legal […]

Posted in Security Standards and Compliance

 

The Data Protection Directive versus the GDPR: Understanding key changes

When the General Data Protection Regulation (GDPR) takes effect, it will replace the Data Protection Directive (DPD), also known as Directive 95/46/EC, of 1995. Adopted April 27, 2016, the GDPR will become enforceable May 25, 2018. The following is a detailed explanation of the differences between the DPD and the GDPR, as well as new […]

Posted in Featured, Security Standards and Compliance

 

Coverity: Setting the standard for better software

From the moon to autonomous driving

There is a general awareness that software complexity has been growing immensely over time. Starting a few decades ago with special-purpose tasks, such as calculating equations to send a man to the moon, we are now at a stage where our world and much of our lives depend intrinsically […]

Posted in Application Security, Security Standards and Compliance, Software Quality, Static Analysis (SAST)

 

What does GDPR enforcement mean for your business?

Now that a new year is upon us, we must remember that this is the year the General Data Protection Regulation (GDPR) supersedes Directive 95/36/EC. The new regulation will take effect May 25, 2018. In other words, this is the date by which organizations must be compliant.

Primary obligations under GDPR

GDPR applies to the […]

Posted in Security Standards and Compliance

 

Climbing Mount MISRA: Which route is right for you?

The director of software development comes into your office in a panic. “We’ve got to do MISRA… stat! Legal insists on it; our customers are demanding it.” Your heart sinks. If you’ve ever been to Yosemite, you’ll know there are two ways to the summit of Half Dome: one way has fairly gradual—or at least […]

Posted in Application Security, Security Standards and Compliance, Software Quality

 

Smart devices, smart grids, and cyber security

A recent “Innovation Spotlight” in the IEEE XPLORE Digital Library announced “a first-of-its-kind charger that allows plug-in electric vehicles (PEVs) to deliver excess capacity to the power grid and recharge during off-peak hours.” Promising new technologies often evoke questions about security. Suppose a bad actor exploits the connection somehow and brings down portions of the […]

Posted in Automotive Security, Government Security, Security Standards and Compliance, Smart Grid Security

 

How can you tell if your software security strategy is working?

Let’s say you tested 46 web applications, 19 mobile apps, and 20 client-server apps this year alone. You also purchased a new application security testing tool in the process. You found 112 vulnerabilities and all-in-all you’re feeling pretty good. But before you get too excited, ask yourself a few questions: Did you reduce risk significantly? […]

Posted in Application Security, Security Standards and Compliance, Security Training, Software Security Program Development

 

Is your software MISRA clean?

“Scalpel.” “Scalpel.” “Let’s make the incision … There we go … Spreader.” “Spreader.” “Good. A little wider. Like that. Metzenbaum.” “Metzenbaum.” “There we are. We’re at the DIVIDE_BY_ZERO site. As you can see, it starts here, and follows this path here. We’ll remove it … gently … nice, a clean extraction. Now, let’s graft in […]

Posted in Application Security, Secure Coding Guidelines, Security Standards and Compliance, Software Quality, Vulnerability Assessment

 

Meet Auntie MISRA

Seems we all have one: that distant aunt. You know the one I’m talking about. Always dressed to the nines. Always perfectly coiffured. Every detail just so. And that tiny Jack Russell that did tricks on command, never yapped (unless told to “speak”), and was always at her side, springing up to her lap when she pulled out […]

Posted in Application Security, Secure Coding Guidelines, Security Standards and Compliance

 

MISRA: Ensuring software safety and security from the start

Developing software is an art. Developing safe and secure software is not only an art, but requires a mindset that anticipates potential bugs, security vulnerabilities, and system failures. Both quality and security are hard to add to a product after its inception. It simply isn’t practical to add on to a product as quality and security […]

Posted in Automotive Security, Security Standards and Compliance