Archive for April, 2011

  • Toughen up your code with software security best practices

    on Apr 28, 11 • by Patti Murphy • with No Comments

    Crying into your wadded Kleenex about how your vulnerabilities were exploited may make for compelling TV, but when it comes to software security, they’ll cost you a lot more than your personal dignity. Or maybe they’ll cost you millions of dollars in lost business and your personal dignity. Why not toughen up your code by implementing software security best practices that prevent or mitigate the risks? That’s why you should head on over to the Klocwork Developer Network and check out the free eLearning courses provided by Security Innovation, an industry leader in software security

  • Will source code analysis change developer culture?

    on Apr 26, 11 • by Alen Zukich • with No Comments

    Will source code analysis (SCA) or static analysis change developer culture? The answer really depends on the developer’s skill set. In my experience, there are developers who are excellent at what they do (visionaries), and then there are some that just don’t get it (fence posts). I’m not here to talk about the visionaries — they already get it. They know that SCA techniques help find critical issues early in the development cycle. Sometimes SCA finds great stuff, sometimes it doesn’t. But it’s always worth the time, because it makes developers better at what they do. In fact, it’s

  • Building a Software Security Threat Model

    on Apr 20, 11 • by Brendan Harrison • with 5 Comments

    We’ve talked at length before regarding software security assurance and the role static analysis can play in ensuring code is written securely. We’ve got a bunch of great resources for anyone looking to dive into this particular aspect of software security:

      • Summary of various secure coding standards, including links to specific checkers supported by Klocwork
      • Free secure coding e-learning courses, including an intro to Microsoft’s secure development lifecycle
      • A ‘buyer’s guide’ to selecting a static analysis tool as part of a secure coding program authored by a major payment software company

    To build on this,

  • Memory overflows

    on Apr 12, 11 • by Alen Zukich • with 1 Comment

    A few years back a customer said they had all kinds of trouble with bugs corrupting their stack. Even though they asked if source code analysis tools could help find stack corruption, once we got an example, we found that what they were really looking for was memory overflows. So what on earth is a memory overflow? Does that even exist? Yes, except it is probably not what you’re thinking: it’s not the same as a memory leak; a memory overflow is quite different. A memory overflow is really just a form of a buffer overflow.

  • A Rockin’ Agile Roadshow

    on Apr 7, 11 • by Todd Landry • with No Comments

    Last week I toured the West Coast with our friends from VersionOne, Perforce, and Electric Cloud on our Agile roadshow, hitting the cities of Seattle, Santa Clara, and San Diego. In one of the after-meeting discussions, one of the attendees asked me what the differences were between Agile and Lean. Having only been involved with Lean from an outside perspective, I didn’t really think there were huge differences and that they shared many of the same beliefs. Luckily, it looks like others believe this to be the case too. So rather than me trying

  • Klocwork Starts 2011 With Record Q1

    on Apr 7, 11 • by Meranda Powers • with No Comments

    Quarter highlighted by 57 percent growth in license bookings and significant customer wins BURLINGTON, Mass — Apr 07, 2011 — Klocwork, Inc, the global leader in automated source code analysis solutions for improving developer productivity, announced the close of a successful Q1 2011 that included record revenue driven by a 57 percent growth in license bookings as compared to Q1 2010. "On the heels of a very successful 2010, I’m happy to report another great quarter," said Mike Laginski, chief executive officer, Klocwork. "The combination of record Q1 revenue, a surge in license sales, and
