Archive for November, 2009

  • Internet Telephony: A Matter of Integrity

    on Nov 30, 09 • by Lynn Gayowski • with No Comments

    The failure of the levees in New Orleans and the collapse of the I-35W bridge in Minneapolis gave many of us a greater appreciation for the importance of ensuring vital infrastructure is sound. Businesses and organizations would do well to apply these lessons to the area of software development. And many already have. Software that hasn’t been thoroughly vetted can result in lapses in safety and security, customer affecting performance issues and lost revenue – some of the most catastrophic problems a business can face. Case in point: A major telephone company recently was working

    Read More »
  • The Joy of … Code Review?

    on Nov 24, 09 • by Gwyn Fisher • with 2 Comments

    The Joy of … Code Review?

    Part I – Ode to Joy Since the launch of the seminal “Joy” work which hopefully doesn’t need mention here, we’ve seen everything from The Joy of Cooking to The Joy of Not Working (my personal favorite!), and so further to that deeply mined vein of authoritative works we bring you the necessarily over burdened… Joy of Code Review! Joy, you say? Let me count the ways… I implement a task, using what I consider to be best practice patterns and guidelines; I slave over this, my creation, and when it’s done, I stand back

    Read More »
  • DZone: Static Analysis with Klocwork

    on Nov 17, 09 • by Lynn Gayowski • with No Comments

    Klocwork, a provider of source code analysis tools, just released the Insight Pro suite for agile development projects. Klocwork Insight Pro checks Java, C#, C and C++ code for memory and resource leaks, security vulnerabilities, and buffer overflows. DZone interviewed Klockwork CTO, Gwyn Fisher, to get an indepth look at Insight Pro and its static analysis engine. Insight Pro includes three tools to reduce bug debt and increase iteration speed. Continuous static analysis Static analysis traditionally relied on user interaction to perform code checks. Gwyn Fisher says, “Whether this is a complex server-side scripting process,

    Read More »
  • TMC.net: Klocwork Targets Developer Productivity

    on Nov 17, 09 • by Lynn Gayowski • with No Comments

    Klocwork, Inc., a provider of automated source code analysis solutions for improving developer productivity, reportedly is launching a new offering, “Klocwork Insight Pro.” The solution includes a suite of developer tools designed to accelerate the process of software development. The company has deployed its well-known source code analysis technology in developing the suite, which will be made generally available next month. The solution incorporates three new tools which will help software development organizations in streamlining the development process, and cutting down the risk of bug debt. The first tool is “Continuous Static Analysis,” which checks

    Read More »
  • InfoWorld: Klocwork Tunes Software Code Analysis Suite for Agile Projects

    on Nov 16, 09 • by Lynn Gayowski • with No Comments

    Klocwork will ship later this month version 9.0 of its Insight Pro product for source code analysis [1], which the company says offers capabilities for agile programming projects. Offered as a suite of tools, Insight Pro analyzes code for memory and resource leaks, buffer overflows, and security vulnerabilities. With version 9, Klocwork is “stepping outside of the traditional realm of just finding bugs,” said Gwynn Fischer, CTO at Klocwork. Capabilities in version 9.0 are intended to agile developers, who have to produce working code within a short time, Fisher said. Read More

    Read More »
  • SD Times: Klocwork Takes on Strengthening Code Creation

    on Nov 16, 09 • by Lynn Gayowski • with No Comments

    November 16, 2009 — Klocwork is spreading out beyond the static analysis game and rolling out new software to help ensure the creation of strong code. Klocwork Insight Pro, released today, consists of three main pieces of software around continuous static analysis, code review and automated code refactoring. Klocwork Insight Pro’s continuous static analyzer detects defects and vulnerabilities as code is being written. Gwyn Fisher, Klocwork’s CTO, said the new analysis capabilities focus on developers working in “tremendously compressed” development cycles. “We’ve focused previously on moving further upstream, getting into a developer’s IDE and giving

    Read More »
  • EE Times.com: Software Tools Suite Simplifies Source Code Analysis

    on Nov 16, 09 • by Lynn Gayowski • with No Comments

    Klocwork recently released its Insight Pro, a suite of developer tools aimed at maintaining high velocity throughout the software development process. Built on the company’s source-code analysis technology, the suite introduces three tools that let developers achieve greater iteration velocity while reducing the risk of bug debt. Insight Pro provides continuous static analysis that detects critical defects and security vulnerabilities at the developer’s desktop, as code is being written. This onthefly analysis provides developers with immediate visibility into errors being made, or vulnerabilities being left open. With a noclick usability model, attention to code quality

    Read More »
  • Klocwork Launches New Family of Developer Productivity Tools

    on Nov 16, 09 • by Meranda Powers • with No Comments

    Klocwork Insight Pro offers personal productivity tools for the Agile software developer BURLINGTON, Mass. — Nov 16, 2009 — Klocwork, Inc., the global leader in automated source code analysis solutions for improving developer productivity, today announced Klocwork Insight Pro a new suite of developer tools aimed at maintaining high velocity throughout the software development process. "Software development teams in all industries are embracing Agile as a way to boost their team’s productivity and be more responsive to their customer’s needs," says Mike Laginski, Klocwork CEO. "Regardless of how far along the Agile curve a team

    Read More »
  • Software Assurance Forum Day 3 Recap

    on Nov 5, 09 • by Todd Landry • with No Comments

    My first day at the SWA forum was actually the 3rd day at the conference, and from all accounts it has been a very productive and relevant first 2 days. Today was no different as it was kicked off with a panel discussion on the Evolution of Software Assurance Processes, and included speakers from Lockheed Martin, Waters Edge LLC, SEI/CERT, and SafeCode. I thought it was an entertaining discussion from a group definitely passionate about the topic. Something seemed missing though as I came out of it hoping for something more…Some good questions rounded out

    Read More »
  • Compiler warnings, Coding standards, Code quality…oh my! (Part 2)

    on Nov 3, 09 • by Alen Zukich • with No Comments

    In the first blog series, we discussed the value of compiler warnings and wondered why a static analysis tool would have similar error checking features. In this installment, we want to dive deeper into this question by reviewing errors that can be found by compilers, why they matter, and what limitations compilers have in this area. Let’s take an example of the “implicit int” rule: int foo() { const x = 0; return x; } This is a situation where failure to specify a type results in this compiler warning from (gcc v.3.4.4) or Microsoft

    Read More »
Scroll to top