Saving you from Heartbleed

by Roy Sarkar • No Comments

Last week we talked about the flaw in OpenSSL known as “Heartbleed” and its massive impact on websites and users around the world. We also mentioned how open-source scanning and support tools, such as OpenLogic, report this...

Heartbleed: The latest on the OpenSSL bug

by Roy Sarkar • 4 Comments

[Update - read this post to see how Klocwork finds the bug] By now, you’ve heard about the OpenSSL flaw that’s capturing the attention of anyone in the world that’s remotely connected with security. Known as “Heartbleed”, this...

Mobile app usage is on the rise in businesses, creating demand for better software security

by Chris Bubinas • No Comments

The number of business app installations is skyrocketing. But mobile apps still face substantial software security hurdles, creating an opening for developers who are willing to take the extra steps to build secure apps...

Managing risks in today’s open source software

by Chris Bubinas • 1 Comment

The range of open source options available means that software development is increasingly a process of combining disparate pieces. And that process can involve risk from a software security standpoint, as developers may not always be aware of...

How many zero-days are active in the wild?

by Chris Bubinas • No Comments

Zero-day vulnerabilities have become not only a major threat in the software security world but also a major industry, with many selling for large sums on the black market and entire firms emerging that are dedicated solely to finding and...

Rather than fail, “goto” success

by Roy Sarkar • No Comments

You’ve probably heard about Apple’s goto fail vulnerability (if you haven’t, read our summary about it or this deep dive into the problem by Google researcher Adam Langley). The short story is, within a sequence of if statements, two goto...

Static Analysis

Mobility introduces new app development concerns

April 24, 2014, Chris Bubinas - No Comments

As the mobile landscape grows more pervasive, developers must be able to adapt their processes to meet demand...

Code Review

No rest for the software development environment

April 23, 2014, Chris Bubinas - No Comments

As the application development landscape changes, the methodologies associated with those processes also evolve...

Embedded Software

With focus on Internet of Things security growing, what concerns await for embedded software developers?

February 10, 2014, Chris Bubinas - No Comments

Even as the Internet of Things is expected to see rapid growth in the next few years, the security threats associated with more connected devices are...

Coding Standards

Can software-powered ships pass the test when it comes to reliability?

April 14, 2014, Chris Bubinas - No Comments

Rolls-Royce Holdings recently announced that it is developing unmanned drone ships in an attempt to cut costs and pollution. As companies continue...

Agile Development

What’s the Right Iteration Length?

November 1, 2011, Todd Landry - 1 Comment

The question of “what’s the right iteration length” may not be as interesting as any of the questions found here (gum really doesn’t stay in you for 7 years. Who knew?), but it is a common question from...

Android Development

What do enterprise software companies need to know to adapt for mobile?

January 13, 2014, Chris Bubinas - No Comments

Despite the emphasis on mobility in recent years, many traditional enterprise software vendors have been slow to embrace the new mindset, continuing...

Software Testing

Lack of testing cited as Knight Capital is fined $12 million for software error

October 24, 2013, Chris Bubinas - No Comments

Financial services firm Knight Capital lost more than $460 million last summer when an error in its automated trading software unleashed a series of...
