Last time, I did a controversial post about the benefits of IDEs over text editors. With IDEs, I argued that the...
If you’re an organization that cares about security and the repercussions that come with that, then you...
Every revision control or source code management system uses branching. Branching refers to the duplication of...
Time and time again I get asked, how does static analysis fit into my existing bug tracking system? “I need...
As any static analysis or source code analysis vendor will tell you, false positives are a way of life. As any...
Compiler configuration is a problem with static analysis tools. In the past, a static analysis (or source code...
We have blogged before about software security guidelines, but there is one we haven’t discussed. Several...
Recently I was at our European partner advisory board. This is a session where we all get together and talk...
I read an interesting post on electronic imports that could contain security threats. I can only speak from the...
The U.S. Department of Homeland Security, in conjunction with the SANS Institute and MITRE, has been hard at work...