PRQA, the pioneer in the application of functional and compliance excellence in software development, today announced the introduction of their new certified environment platform – allowing security coding standards and advisories to be applied at the point of code creation, in addition to well established functional and compliance checks. In light of recent high profile exploitations regarding application vulnerabilities, this latest release allows analysis of both legacy code streams and new agile developments. Providing multi-language support for C, C++, C# and Java, combined with straightforward integration of our own static analysis tools, users are now able to apply in-house security rules, as well as external coding standards and sets of common weaknesses, such as CERT and CWETM. This ensures potential issues and existing weaknesses in legacy code are highlighted, and therefore resolved before the product release.
Robert Seacord, founder of the Secure Coding Institute, commented “PRQA’s QA·C analyzer is effective at discovering violations of The CERT C Coding Standard that were not discovered through 20 years of testing or by other static analysis tools”. He continues “Overall, the QA·C analyzer is an effective tool for eliminating secure coding flaws that can easily lead to software vulnerabilities”.
With the rapidly growing Internet of Things (IoT) and resulting interconnectivity, application security has never been so essential – especially for software deployed outside classical IT security infrastructure. According to the leading analyst firm Gartner, the number of devices represented in the IoT is likely to reach 6.4 billion over the next 12 months – a growth of 30%. This puts unprecedented pressure on application developers to produce secure and robust products and deliver a sublime customer experience.
Paul Blundell, CEO and Founder of PRQA added “we have been helping software developers enable functional and compliant software development for over 30 years and recognize the changing requirements of our customers. It is no longer enough to have compliant and functional software – it must also be secure in an increasing complex and rapidly evolving ecosystem. Our latest solution set ensures organizations, both large and small, can not only assess existing vulnerabilities in legacy code, but also apply best practice to new developments – across multiple coding languages”
Further details about PRQA’s static analysis products are available at www.programmingresearch.com/products.