Topic: software vulnerabilities

Code analysis is about more than software

Static code analysis is usually thought of in terms of preventing vulnerabilities from existing in code. And, it’s thought of in terms of things like memory leaks and tainted data. But as businesses become more reliant than ever on software to drive their revenues, it is important to think about the damage these vulnerabilities can … continue reading

Klocwork 2017 finds and prioritizes software bugs faster

Rogue Wave wants to make it even easier to find vulnerabilities on the fly with the release of Klocwork 2017. Klockwork is the company’s static code-analysis tool. The latest release introduces SmartRank, a defect-recommendation engine. “We knew our users were struggling with too many issues and no way to prioritize them,” said Walter Capitani, Klocwork … continue reading

ZeroStack’s plans for self-driving in the cloud, Loom Systems’ analytics platform, and GNU C Library releases version 2.25—SD Times news digest: Feb. 6, 2017

ZeroStack announced its road map and the first suite of AI capabilities today as part of its efforts to disrupt the economics of the cloud. ZeroStack, a self-driving private cloud company, has a cloud platform that leverages self-healing software and algorithms developed from millions of datagrams, according to a company announcement. This “disruption” means businesses … continue reading

Bugsee comes out of stealth, Google tests Android Instant Apps, and Zephyr releases ZAPI add-on—SD Times news digest: Jan. 24, 2016

A newly launched company, Bugsee, wants to help developers build and maintain bug-free apps. As part of its launch, it announced a bug reporting and crash analytics tool for mobile app developers that captures video of user interactions so developers can see what leads to bugs or crashes. “We think of Bugsee as the flight … continue reading

Report: Android tops the list of most vulnerable products of 2016

Google made headlines last year, and not always for good reasons. In addition to the company’s updates to the Android operating system, it also faced articles detailing the many vulnerabilities plaguing the OS. As a result, one report has found Android to be the most vulnerable product of 2016. (Related: Google previews new Android Internet … continue reading

SD Times GitHub Project of the Week: OSS-Fuzz

Google wants to help ensure open-source projects are stable, secure and reliable. According to the company, open-source software is the backbone of many solutions available on the Internet today, and any problems with it could be catastrophic. The company announced the release of OSS-Fuzz, a continuous fuzzing solution for open-source software. OSS-Fuzz is a program … continue reading

Microsoft previews bug finding tool, Project Springfield

Microsoft is developing a new way for developers to find bugs before they release their software into production. The company announced the preview of its new cloud-based bug detector, dubbed Project Springfield, at its Microsoft Ignite conference. The system searches and detects bugs before a developer’s software is released in order to save time and … continue reading

Google’s Android Security Rewards program, Microsoft and the legal marijuana industry, and GitHub’s pinned repository feature—SD Times news digest: June 17, 2016

It has been one year since Google added Android Security to its vulnerability rewards program. Since then, the company has received more than 250 vulnerability reports, paid more than US$550,000 to 82 individuals, and paid 15 researchers $10,000 or more. The company is now updating its Android rewards program to entice even more security researchers … continue reading

Alphabet passes Apple, researchers create auto-bug-repair system, and Syncfusion’s Big Data Platform released—SD Times news digest: Feb. 2, 2016

Shares of Alphabet, Google’s holding company, opened nearly three percent higher today, pushing it past Apple. This makes Alphabet the most valuable public company, according to a report by CNBC. Alphabet has a market cap of US$547.1 billion, which is higher than Apple’s $529.3 billion. The last time Google was more valuable than Apple was … continue reading

Researchers team up to develop software that eliminates bugs

A team of researchers is looking to put an end to the industry’s longstanding software security problem. As part of a five-year, US$10 million grant from the National Science Foundation (NSF), computer scientists from MIT, Princeton, the University of Pennsylvania and Yale are coming together to develop integrated tools that exterminate software bugs. “In our … continue reading

StackEngine’s Container Application Center for Docker, and Black Duck’s free vulnerability plug-in—SD Times news digest: June 18, 2015

StackEngine has announced a new end-to-end container application-management solution. The Container Application Center for Docker is designed to help enterprises transition from the costs and inefficiencies of virtualization to containerization, according to the company. It features VMware-like control and security; Docker-enabled freedom, flow and collaboration; and container-native enterprise heterogeneity and security. (Related: Container Summit: Melding … continue reading

MIT researchers work to find integer overflow errors

MIT researchers have created a new algorithm to tackle one of the most common bugs in programming: integer overflows. According to the researchers, these errors not only can cause computer programs to crash, but also leave them vulnerable to attack. “Integer overflow errors are an insidious source of software failures and security vulnerabilities,” they wrote. … continue reading

HTML Snippets Powered By : XYZScripts.com

Get access to this and other exclusive articles for FREE!

There's no charge and it only takes a few seconds.

Sign up now!