Posts Tagged ‘Security’

  • The final 2 automotive security vulnerabilities of 2015

    on Dec 17, 15 • by Jeff Hildreth • with No Comments

    The final 2 automotive security vulnerabilities of 2015

    Memory buffer problems and access control issues account for close to 40 percent of vulnerabilities this year. Find out how to spot and fix these problems in your software

    Read More »
  • Top automotive security flaws pt. 2: code and code injection

    on Nov 3, 15 • by Jeff Hildreth • with No Comments

    Top automotive security flaws pt. 2: code and code injection

    Read on to learn about what you can do to secure your code from the #8 and #7 vulnerabilities of 2015: improper control of generation of code, and weaknesses introduced during development

    Read More »
  • GM’s OnStar fix – how to fix it faster next time

    on Oct 7, 15 • by Andy Knapp • with No Comments

    GM’s OnStar fix – how to fix it faster next time

    And there will be a next time. There's a knowledge gap in the automotive industry when it comes to software development. How do we fix that

    Read More »
  • What is the state of your software security?

    on Sep 17, 15 • by Julia Smith • with No Comments

    What is the state of your software security?

    Two savvy technologists from Qualcomm, two renowned book authors, Polarion, Security Innovation, and Rogue Wave CTO, Rod Cope make for a educational, insightful afternoon. Join us

    Read More »
  • Webinar recap: Forging a more secure automotive software supply chain

    on Dec 2, 14 • by Roy Sarkar • with No Comments

    Webinar recap: Forging a more secure automotive software supply chain

    Discussing information you can use and what we learned from our audience during the "Forging a more secure automotive software supply chain" webinar

    Read More »
  • Upcoming webinar: Top tactics to reduce your open source security risk

    on Jul 21, 14 • by Roy Sarkar • with No Comments

    Upcoming webinar: Top tactics to reduce your open source security risk

    Open source is embedded in over 50% of enterprise applications and development environments today yet very few developers are aware of the inherent security risks. What steps should you take to maximize the benefits of open source software while substantially reducing risk? Join us on Wednesday, July 30th for our “Top tactics to reduce your open source security risk” webinar that will explore policies and tools to help identify where issues can happen and discuss strategies to deliver safer, more secure software. We’ll look at a combination of open source governance and management tools along

    Read More »
  • Secure Coding Learning Center

    on Sep 13, 12 • by Brendan Harrison • with No Comments

    Secure Coding Learning Center

    One of the common challenges we hear from customers regarding their software security assurance programs is developer education. Sure, there are many great tools out there that can help with security, but when it comes down to it, if you’re going to truly build a culture of secure software (and not just audit your system now and then), your development team needs to be well versed on key security concepts, defensive coding principles, common attack vectors, not to mention the ins and outs of specific coding vulnerabilities like buffer overflows. Well, we agree. That’s why

    Read More »
  • CWE Compatibility Program

    on Sep 5, 12 • by Alen Zukich • with No Comments

    CWE Compatibility Program

    If you’re an organization that cares about security and the repercussions that come with that, then you probably already know all about Common Weakness Enumeration (CWE). CWE is a community project sponsored by the MITRE Corporation. As a software vendor providing security vulnerability detection, it’s important to be part of the CWE Compatibility Program.  This program identifies vendors that are officially CWE-compatible. This means you can count on the vendor to provide guidance in their product with respect to CWE identifiers, including direct links to the wealth of information that is kept up to date

    Read More »
  • Hacking an automobile: When software security is life-critical

    on Aug 21, 12 • by Brendan Harrison • with 1 Comment

    Hacking an automobile: When software security is life-critical

    Software security assurance for embedded software is a big challenge. This article on embedded systems and automobile security summarizes it nicely: White hats are increasingly looking beyond PCs and data centres for security vulnerabilities that have plagued the computer industry for decades and focusing on products like cars, medical devices and electricity meters that run on tiny computers embedded in those products. For embedded software teams to become the target of hackers is a big change. While website owners and developers of cloud applications or PC software are used to all this attention from hackers,

    Read More »
  • Klocwork Insight 9.5 Continues to Roll…

    on Mar 6, 12 • by Brendan Harrison • with No Comments

    Wow, what a week last week. We’ve been busy spreading the word about Klocwork Insight 9.5 and all its on-the-fly-analysis goodness since late January and the reaction has been amazing, but last week took the cake. First, Klocwork Insight 9.5 won its first award: the Military Embedded Systems Editor’s Choice. Here’s an excerpt from their write-up: Software developers have enough on their plates without having to spend undue time analyzing their code. Sure, there is traditional source code analysis, whether done manually or by using techniques such as static or dynamic analysis, but Klocwork’s Insight

    Read More »
Scroll to top