Source-Code Assessment Tools Identify Security Holes Resulting from Shoddy Development
By Jeff Forristal
Infosec practitioners worth their Red Bull know that perfect security is an ideal worth striving for but extremely difficult to achieve. No application of any size and complexity can be perfect in its first implementation; bugs will be present, and some will affect security. Some software vendors seem to operate on the premise, If bugs are a fact of life, why expend time and resources to find and remove them before an application is released? Why not just issue patches and updates

Developers Must Improve Software Quality and Innovate Products By Adopting a New View of Software Development and Using New Tools
By Djenana Campara
Device software continues to become more complex and more important. Increasingly, it’s software that drives innovation in new products – whether they’re mobile phones, automobiles or set-top boxes. For this reason, when software defects appear in the field, or when products ship late due to inefficient development processes and tools, an organization’s bottom line and brand suffer. Toyota’s October recall of 75,000 Prius vehicles shows how serious this issue can be. The

Software Must Be Treated as a Critical Business Asset
November 15, 2005 – For years, companies producing software have treated the development process as an art. Unlike the other operations of the company that are monitored, managed and measured using formal business process, software development projects are often the result of ad hoc decisions and activities, with few metrics available to gauge the status or efficiency of a development effort. The result? By not managing software as the critical business asset it is, companies face escalating development costs, mounting code quality and security issues, and

Security Expert Kevin Beaver Addresses Tools, Techniques, and Best Practices for Ensuring That Your Software Products are Secure from Attacks
ISSJ News Desk – Information Storage and Security Journal – Nov 1, 2005 – Realtimepublishers and Klocwork Inc. have announced the immediate availability of The Tips and Tricks Guide to Software Security Assurance. Written in an easy-to-read question and answer format, security expert Kevin Beaver addresses tools, techniques, and best practices for ensuring that your software products are secure from attacks. “By addressing security issues throughout the software development lifecycle, which includes management, development, auditing,

Software Bugs Causing Total System Failure Can Be Prevented When Caught Early
By Alexander Soule
Boston Business Journal
Updated: 8:00 p.m. ET Oct. 23, 2005
In the span of a few weeks, Toyota Motor Corp. announced a software glitch can cause new Prius automobiles to stall out at highway speeds, Verizon Communications Inc. blamed a bug for crashing its 911 emergency service in California, a malfunction at a radar system at Denver International Airport had air-traffic controllers sweating, and a software flaw caused warning sirens near a New York nuclear plant to fail. And those

Klocwork Expands Sales Operations in Europe, Signs IPL as New European Reseller

Improving Code Quality Before Formal Testing Ever Begins
By: Carey Schwaber with Carl Zetie and Michael Gavin
EXECUTIVE SUMMARY
Most development shops understand that the cost of repairing a defect increases exponentially as the application proceeds through the life cycle. But fewer shops know what they can do to identify defects early on. To improve the quality of their code even before formal testing begins, developers can perform unit testing, static analysis, performance analysis, and security testing. Full-featured integrated development environments (IDEs) include much – but not all – of the functionality that developers will

Modernization Starts Where Existing Practices Fail to Deliver Against Business Objectives
NEEDHAM, Mass. – BUSINESS WIRE – Aug 30, 2005 – The Object Management Group (OMG), today announced the program for its Second-Annual Architecture-Driven Modernization workshop. Sponsored by Klocwork, Unisys and ASG, the workshop will take place October 24-27, 2005 in Alexandria, VA, USA. The media sponsor is Application Development Trends. Existing software assets have entered the maintenance and evolution mode. Architecture-Driven Modernization (ADM) is the process of understanding and evolving existing software assets for the purpose of software improvement, modifications, interoperability, re-factoring, restructuring, reuse,

Executives are Demanding That IT Improve the Development Process to Create More Secure and Reliable Software
Opinion by Djenana Campara, Klocwork Inc.
AUGUST 24, 2005 (COMPUTERWORLD) – When security vulnerabilities in a vendor’s software are exploited, significant costs are faced by the vendor and its software users. Software with security vulnerabilities harms an organization’s reputation with customers, partners and investors. It increases costs as companies are forced to repair unreliable applications, and it delays other development efforts as limited resources are assigned to address current software deficiencies. With the increased scrutiny of internal processes and

Klocwork Products Protect and Prevent Software from Malicious Activity
By John K. Waters
BURLINGTON, Mass. – August 1, 2005 – Black-hat hackers and other malicious circumventing network-based security and exploiting it’s 50 times more costly to fix a security than it is to fix it before software QA, according The key to start getting security built into start thinking of security as a feature. Most enterprises have figured out that firewalls, antivirus software and intrusion detection systems, although essential to their overall security posture, no longer provide adequate protection. Black-hat hackers and other malicious intruders