Topic: code analysis

Code analysis tool Semmle joins GitHub

The code analysis platform provider Semmle wants to expand its reach with the announcement that it is joining GitHub. Together, the companies will work on addressing a big issue in open-source software: security.  RELATED CONTENT: Going to school on open-source security “Software security is a community effort; no single company can find every vulnerability or … continue reading

Transitioning from DevOps to Rugged DevOps: Avoiding the pitfalls

As many as four out of five companies leveraging a DevOps approach to software engineering do so without integrating the necessary information security controls, underscoring the urgency with which companies should be evaluating “Rugged” DevOps (also known as “shift left”) to build security into their development life cycle as early as possible. Rugged DevOps represents … continue reading

OMG to approve CISQ software measurements as standards

The Object Management Group will approve as standards new measures to evaluate the quality characteristics of software created by the Consortium for IT Software Quality. The CISQ Quality Characteristic Measures cover the areas of reliability, security, performance efficiency and maintainability, as well as for automating function point measurements, according to Bill Curtis, executive director of … continue reading

DMCA.com Protection Status