Klocwork product documentation is available here.
As embedded systems evolve and become increasingly interconnected, the risk to the security and functionality of these systems increases. In this white paper, we'll discuss guidelines that software teams should follow ... More
ABB has operations spread across five divisions around the world, leading the industry in power generation and automation technologies. Ensuring each group had a consistent approach to software security and reliability ... More
The level of concurrency in automotive systems is increasing rapidly. With multithreaded code on multicore processors, the balance between dynamic analysis of code and static analysis of design and code is tipping heavily in favor of the latter. While not a complete replacement for traditional testing methods, testing by analysis plays a major role in effective verification and validation - as reflected in many of the safety standards. ISO 13849 makes it explicit: "When validation by analysis is not ... More
Software security breaches can happen in many places, including at the source code level. Opportunities for vulnerable code breaches are often created innocently enough, sometimes because we don't know what to look for. In this one-hour webinar designed for software engineers, you'll learn how to: Recognize a potential data breach in web, desktop and mobile applications Quickly assess the impact of identified breaches Identify potential application security problems in your code Use automated tools like ... More
Software security is making headlines today, whether it's the exposure of private information or critical systems being compromised. It's more important than ever for developers to understand why secure code matters and how to create safer applications. This webinar explains how security breaches occur and identifies steps you can take to reduce the risk of your application being compromised. In this one-hour webinar designed for developers and testers, you'll learn about: Common threats that affect software ... More
The increase in the volume and complexity of software code in recent years is indisputable. Unfortunately, the larger, more complex software projects of today inevitably result in higher volumes of security vulnerabilities and defects within these code bases, exposing potential for security breaches or system failures. In this webcast, VDC will share results from its latest research and discuss: Trends affecting embedded software development Leading challenges driving code security and complexity issues ... More
The use of static analysis plays an important role in ensuring the security of source code during the software development cycle. But there are a lot of myths about what static analysis tools can and can't do, including: It throws too many false positives Results are hard to understand It's not part of my existing workflow Watch this short webinar where we'll dispel these myths (and others) and show you how using static analysis can help you develop the most secure code possible.
Machine-to-Machine (M2M) communication offers enormous potential to expand the capabilities of devices, including remote wireless management and updates. However, there are profound security implications as the software running therein must be completely fault-tolerant and hardened from attack. Join this webinar to learn about: Common attacks, threats and security considerations for embedded software Using static analysis to find and fix security vulnerabilities Application whitelisting – preventing ... More
A good vulnerability management program includes tools, manual techniques, a security defect classification system and, most importantly, the knowledge to remediate vulnerabilities quickly and accurately. Watch this on-demand webinar to learn how to effectively combine these components and build more secure software with each release. Watch the On-Demand Webinar
Dave West, Senior Analyst, Forrester Research, Inc., reviews the findings of a recent code review study and discusses why it’s time for software development organizations to exploit modern technology to improve the code review process. Learn about the key challenges of code review and recommendations on ways to improve the process right from the analyst himself.
In this on-demand webinar hosted by Klocwork, learn where source code analysis can be used in your development process, the problems that it solves, and how the technology can be used to streamline a number of productivity bottlenecks in your development process.
During this web seminar you will see how easy it is to exploit security vulnerabilities caused by common software defects. Watch how a simple hack on an older version of FireFox enables a hacker to gain full access to a remote machine. More importantly, see how this same vulnerability could have been prevented through the use of static analysis.
The complexity of porting or developing for multicore or multiprocessor architectures can lead to increased project expenses and timelines. In this ready-to-watch webinar, learn about Klocwork's tools-oriented approach to overcoming these challenges which equips developers with a personal mentor to detail critical concurrency and endian incompatibility issues as they're introduced.
In an Agile context where software production is performed in short, feature-driven iterations, it's critical that bugs are found and removed from code as early as possible. In this session, we examine the evolution of source code analysis technology and discuss why and how it should be deployed for maximum benefit within an Agile development process.
Automating key steps in the development lifecycle - including defect detection, builds and deployments - offers important productivity benefits for development organizations. The ability to immediately assess the impact of changes, generate continuous feedback on product stability, and reduce the effort associated with fixing issues found late in the cycle allows development teams to focus on creating higher quality products in less time. Learn more in this webinar hosted by Klocwork and Urbancode.
To ensure your embedded software is secure, you must start by understanding the threats that can make it susceptible to attack and then establish appropriate counter measures. Designed for embedded software engineers and security specialists, this webinar identifies the characteristics of embedded software that make it vulnerable to security threats, discusses the importance of threat modeling, and provides specific mitigation activities all embedded teams should employ.
Developing software for mission-critical applications such as military, aerospace, and medical devices requires aggressive strategies for reducing risk throughout the development lifecycle. This brief webinar looks at three crucial components of an effective risk management strategy that can be achieved with source code analysis, including stabilizing code early in development, automating metrics and measurement, and creating a disciplined approach to producing maintainable code.