Software Integrity

Archive for the 'Software Quality' Category

 

Can Synopsys Static Analysis (Coverity) automatically ignore issues in third-party or noncritical code?

Synopsys Static Analysis (Coverity) has powerful capabilities that can find issues deep within the logic of your application’s code. If you apply third-party or open source code during your build process, Coverity might even find issues in code your team didn’t write. Often, you won’t be interested in fixing that third-party code, for a variety […]

Continue Reading...

Posted in Application Security, Software Quality, Static Analysis (SAST), Vendor Risk Management | No Comments »

 

Coverity: Setting the standard for better software

From the moon to autonomous driving There is a general awareness that software complexity has been growing immensely over time. Starting a few decades ago with special-purpose tasks, such as calculating equations to send a man to the moon, we are now at a stage where our world and much of our lives depend intrinsically […]

Continue Reading...

Posted in Application Security, Security Standards and Compliance, Software Quality, Static Analysis (SAST) | Comments Off on Coverity: Setting the standard for better software

 

Triage Protecode identified security vulnerabilities with Coverity’s secure development workflow

The risk of open source and third-party code In today’s fast-paced world with rapid technological advancements, few people need any introduction to the dangers of security vulnerabilities lurking in open source and third-party code. Open source software has come a long way from being a techno-hippie dream in the late ’80s. Today, it exists nearly […]

Continue Reading...

Posted in Application Security, Open Source Security, Software Quality, Static Analysis (SAST), Vendor Risk Management | Comments Off on Triage Protecode identified security vulnerabilities with Coverity’s secure development workflow

 

Get the latest resource helping development teams overcome widespread challenges

Only when security is treated with the same importance as quality can your software’s integrity drive a proactive strategy rather than a reactive response. In addition to ensuring software quality, development teams are under increasing pressure to address software security concerns. The high-profile data breaches that continuously arise are raising awareness of security issues. Because […]

Continue Reading...

Posted in Application Security, Dynamic Analysis (DAST), Fuzz Testing, Interactive Application Security Testing (IAST), Security Training, Software Quality, Static Analysis (SAST) | Comments Off on Get the latest resource helping development teams overcome widespread challenges

 

How is static analysis a productivity tool for engineering teams?

“I lost my keys. How long will it take to find them?” This is a laughable question, but it’s analogous to “How long will it take to debug this?” Developers scoff at this question as if it were an unreasonable demand, just as inexperienced project managers are shocked that a simple answer isn’t forthcoming. But […]

Continue Reading...

Posted in Application Security, Software Quality, Software Security Testing, Static Analysis (SAST) | Comments Off on How is static analysis a productivity tool for engineering teams?

 

KRACK: Examining the WPA2 protocol flaw and what it means for your business

WPA2? The weekend of Friday the 13th took a frightening turn—even for those of us who aren’t superstitious—when detrimental weaknesses were discovered in Wi-Fi Protected Access II (WPA2), the protocol responsible for securing Wi-Fi networks. WPA2 was first made available back in 2004 and has been required on all Wi-Fi branded devices since March 2006. […]

Continue Reading...

Posted in Application Security, Data Breach, Software Quality, Vulnerability Assessment | Comments Off on KRACK: Examining the WPA2 protocol flaw and what it means for your business

 

How to implement security measures without negatively affecting software quality

Over the past decade, most organizations have established a well-oiled process for software development and maintenance. We refer to this as the software development life cycle (SDLC). However, advancing security threats relating to insecure software have brought the focus to security implementation within the SDLC without hampering quality. Let’s examine a few strategies to implement security […]

Continue Reading...

Posted in Application Security, Software Development Life Cycle (SDLC), Software Quality, Software Security Testing | Comments Off on How to implement security measures without negatively affecting software quality

 

Checklist: Kick off your software integrity program with a bang

We are coming up on fall here in the States, and for most of us, that means two big types of kickoffs are happening: new business initiatives and football. Budgets tend to land around the same time as football season, so if you want to enjoy your Sunday kickoffs, follow this list of four impactful […]

Continue Reading...

Posted in Application Security, Software Quality, Software Security Program Development | Comments Off on Checklist: Kick off your software integrity program with a bang

 

A journey through the secure software development life cycle phases

Most organizations follow common development processes when creating software. Unfortunately, these processes offer little support to construct secure software as they typically identify security defects in the verification (i.e., testing) phase. Fixing defects that late in the software development life cycle (SDLC) is often quite expensive. A better practice is to integrate security activities across […]

Continue Reading...

Posted in Application Security, Infographic, Software Development Life Cycle (SDLC), Software Quality | Comments Off on A journey through the secure software development life cycle phases

 

Do security and quality really belong in the same conversation?

In software development shops across the world there is a strong emphasis on quality over security. But, these two key practices in the development process are not mutually exclusive. They are, in fact, two sides of the same coin joined together by their similar processes, artifacts, and goals. These include testing the software for defects, […]

Continue Reading...

Posted in Application Security, Software Quality | Comments Off on Do security and quality really belong in the same conversation?