RSSTo keep pace with ever-increasing customer demands on software functionality and time-to-market expectations, software developers have had to evolve the way they develop code to be both faster and higher quality. As part of this trend, Agile development practices are becoming more commonplace. However, to fully realize the benefits of Agile development, it is critical to have a repeatable process for ensuring code is as free of defects and security vulnerabilities as possible. This paper examines how the use of ... More
Not used
Browse Categories
Browse Tags
Resources
Case Study
As a provider of payment software for banks and merchants worldwide, ACI Worldwide puts a great deal of emphasis on code quality and security. Given the nature of their business and need for PCI compliance, ensuring ... More
White Paper
The value of peer code review is undeniable. But despite this, it continues to be a much-maligned milestone in the software development cycle. Code reviews are difficult to implement consistently, the review is often ... More
White Paper
With the adoption of Agile, the need to create high-quality software code in less time has never been greater. In this paper, developers will learn how to maintain velocity and eliminate bug debt with automated tools.
White Paper
White Paper
This white paper highlights the results from an analysis of multiple open source projects that are commonly used in embedded development, including: uClinux - widely used operating system for embedded development Quagga - popular routing software suite Scratchbox - cross compilation toolkit HSQLDB - relational database management system written in Java Discover the defects associated with each of these projects (including memory management, efficiency, null pointer dereference and reliability defects, and ... More
White Paper
This Tips and Tricks guide breaks down the topic of software security assurance into a series of questions that fall into these four key areas: Managing for Software Security Developing for Software Security Auditing for Software Security Testing for Software Security
White Paper
Today's developers of mission-critical software are using automated source code analysis (SCA) to locate and describe critical bugs and security vulnerabilities in their source code at system build time. However, system build-time analysis suffers from an inherent weakness: bugs impact the main code stream before they are even detected. This paper proposes a solution: move high-quality SCA to the developer's desktop and perform it at the earliest point in the development cycle - before code check-in. This approach ... More
White Paper
Automated source code analysis locates and describes areas of weakness in source code. Those weaknesses might be security vulnerabilities, logic errors, implementation defects, concurrency violations, rare boundary conditions, or many other types of problem-causing code. The name of the associated research field is static analysis and while the technology has been around for decades - primarily in the form of lint tools - modern static analysis has little in common with its well known but much maligned ... More
White Paper
No one wants to be on the hot seat when a critical vulnerability is exploited in the field or when a coding mistake causes product recalls, brand damage, or revenue losses. Automated source code analysis helps developers and development teams avoid this exposure by performing the most rigorous form of automated code review possible. This paper discusses what issues can be found with source code analysis tools, why developers should use them when they have other tools to choose from, and why the technology should ... More
White Paper
The value of peer code review is undeniable. But despite this, it continues to be a much-maligned milestone in the software development cycle. Code reviews are difficult to implement consistently, the review is often left incomplete, and let’s be honest, developers generally don’t like doing them. In this latest white paper, Klocwork provides specific recommendations on how organizations can implement a simple, effective code review process that takes advantage of the latest tools and technologies.
RSS