Software Security Testing Tools
- June 24, 2008
An effort involving the Department of Homeland Security, Stanford University and software maker Coverity has resulted in fewer defects in open source software, including Perl, PHP and Python.
- June 16, 2008
Cenzic, a provider of Web application security vulnerability assessment tools, released version 5.7 of Cenzic Hailstorm Enterprise ARC and Cenzic Hailstorm Professional. Attacks added to the library include cross-site request forgery (CSRF).
- June 09, 2008
Relevance, a Ruby on Rails software development practice, recently launched its Rails Security Audit. The service helps companies identify security vulnerabilities in Rails apps.
- May 28, 2008
HP announced the first major updates to HP Application Security Center since its purchase last year of software security specialist SPI Dynamics. The suite, now available as SaaS, supports a process that handles security vulnerabilities as just ...
- May 21, 2008
With the release of its new Application Security Solutions product at JavaOne, Parasoft Corp. is moving beyond application testing to focus on security-based analysis and standards compliance, according to Wayne Ariola, vice president of ...
- May 07, 2008
Concurrent programs loom as a major developer and tester challenge as multicore processors grow in use. A dynamic analysis tool for Java from Coverity may automatically detect multithreading deadlocks and race conditions, while incurring low ...
- April 23, 2008
If your company outsources development or uses commercial off-the-shelf software, it can be difficult to ensure that the code is secure. Veracode hopes to facilitate that with its SecurityReview, an automated, subscription-based auditing ...
- March 17, 2008
Dotfuscator Professional 4.3 has enhanced application protection and heuristics that automatically extend to applications that use advanced Microsoft .NET Framework components.
- January 28, 2008
In the continuing drive to address quality and security earlier in the software development lifecycle (SDLC), two thought leaders in the automated source code analysis market -- Klocwork and Ounce Labs -- are targeting new releases at the developer.
- December 10, 2007
With Cenzic Hailstorm ARC 5.5, companies can continuously test production applications for security flaws in a virtual or "staging" environment without the risk of compromising the environment.
- November 20, 2007
BMC Software uses Klocwork's K7 automated source code analysis tool to help it improve the quality and reliability of its enterprise software lines.
- November 13, 2007
The first major release since being acquired by IBM, the latest version of Watchfire's AppScan tests for more vulnerabilities and is better able to scan difficult applications such as Flash and Ajax applications.
- November 12, 2007
Betfair, Europe's largest ecommerce site, uses Fortify Software's source code analysis tool, Fortify SCA 5.0, to automate the mundane parts of code review and to find bugs.
- October 23, 2007
Fortify SCA 5.0 enhances source code analysis by improving collaboration among development team members, adding support for more languages, and allowing the tool to be customized.
- September 27, 2007
Ounce Labs has extended its Ounce 5 source code analysis tool to include support for Classic ASP.