Software Security Testing Tools

  • July 02, 2008

    PCI compliance help via Fortify software

    Fortify Software facilitates compliance with PCI DSS requirement 6.6 through an addition to Fortify 360 that highlights issues that violate PCI DSS.

  • June 24, 2008

    Homeland Security-backed effort shows defects drop in open source software

    An effort involving the Department of Homeland Security, Stanford University and software maker Coverity has resulted in fewer defects in open source software, including Perl, PHP and Python.

  • June 16, 2008

    Cenzic Web application security tool targets CSRF attacks

    Cenzic, a provider of Web application security vulnerability assessment tools, released version 5.7 of Cenzic Hailstorm Enterprise ARC and Cenzic Hailstorm Professional. Attacks added to the library include cross-site request forgery (CSRF).

  • June 09, 2008

    Ruby on Rails security audit service available

    Relevance, a Ruby on Rails software development practice, recently launched its Rails Security Audit. The service helps companies identify security vulnerabilities in Rails apps.

  • May 28, 2008

    HP software security suite treats vulnerabilities as defects

    HP announced the first major updates to HP Application Security Center since its purchase last year of software security specialist SPI Dynamics. The suite, now available as SaaS, supports a process that handles security vulnerabilities as just ...

  • May 21, 2008

    Parasoft focuses on application security analysis

    With the release of its new Application Security Solutions product at JavaOne, Parasoft Corp. is moving beyond application testing to focusing on security-based analysis and standards compliance, according to Wayne Ariola, vice president of ...

  • May 07, 2008

    Dynamic analysis tool from Coverity looks at concurrency defects

    Concurrent programs loom as a major developer and tester challenge as multicore processors grow in use. A dynamic analysis tool for Java from Coverity may automatically detect multithreading deadlocks and race conditions, while incurring low ...

  • April 23, 2008

    Veracode provides security audits for externally sourced code

    Summary: If your company outsources development or uses commercial off-the-shelf software, it can be difficult to ensure that the code is secure. Veracode hopes to facilitate that with its SecurityReview, an automated, subscription-based auditing ...

  • March 17, 2008

    Enhanced application protection in Dotfuscator Professional 4.3

    Dotfuscator Professional 4.3 has enhanced application protection and heuristics that automatically extend to applications that use advanced Microsoft .NET Framework components.

  • January 28, 2008

    Developers get bigger role in software quality, security

    In the continuing drive to address quality and security earlier in the software development lifecycle (SDLC), two thought leaders in the automated source code analysis market -- Klocwork and Ounce Labs -- are targeting new releases at the developer.

  • December 10, 2007

    Application security testing goes virtual

    With Cenzic Hailstorm ARC 5.5, companies can continuously test production applications for security flaws in a virtual or "staging" environment without the risk of compromising the environment.

  • November 20, 2007

    BMC uses source code analysis to improve software line

    BMC Software uses Klocwork's K7 automated source code analysis tool to help it improve the quality and reliability of its enterprise software lines.

  • November 13, 2007

    AppScan Web application security scanner enhanced

    The first major release since being acquired by IBM, the latest version of Watchfire's AppScan tests for more vulnerabilities and is better able to scan difficult applications such as Flash and Ajax applications.

  • November 12, 2007

    Betfair uses source code analysis tool to eliminate software bugs

    Betfair, Europe's largest ecommerce site, uses Fortify Software's source code analysis tool, Fortify SCA 5.0, to automate the mundane parts of code review and to find bugs.

  • October 23, 2007

    Brief: Fortify enhances its source code analysis tool

    Fortify SCA 5.0 enhances source code analysis by improving collaboration among development team members, adding support for more languages, and allowing the tool to be customized.