Product aims to fix security flaws during app creation
By Robert Mullins
May 6, 2008 —
Software is routinely tested for reliability, performance and manageability throughout the development process, but application security, previously ignored, is finally getting the same amount of attention.
Parasoft, a 20-year-old company that has offered testing software for all those issues, introduced a product at JavaOne 2008 today that it says integrates security reviews into the process without sacrificing productivity.
The offering, dubbed Parasoft Application Security Solutions, performs a daily analysis of software code as it’s compiled, and identifies security vulnerabilities and suggests ways to fix the problem. It can be bundled with other Parasoft tools that analyze code for performance, reliability and manageability, said Wayne Ariola, vice president of strategy at Parasoft.
Each vulnerability detected is prioritized, and a report appears within the IDE that the developer is working in, including direct links to the problematic code and recommended fixes, Ariola said. It resolves security issues while it raises developer awareness.
“Not only are we fixing the problem, we are also raising the ‘security IQ’ of that developer,” Ariola added.
Parasoft is already serving the developer market with SOA quality and application development quality tools, and bundling its security tool with them would give security the status it needs in a project, Ariola said.
Of course, Ariola noted, there are other companies offering testing for application reliability, code quality or security, such as Fortify Software, Instantiations and others. But too often, developers don’t address security vulnerabilities until late in the process, or use audit tools to detect possible risks, which only go so far. “It’s great to have an audit tool, but it doesn’t help remediate the problem,” Ariola argued.
Related Search Term(s): Security, testing & troubleshooting
Share this link: http://sdt.bz/32148
Most Read Latest News Blog Resources
Taking enterprise architecture to the business side
Startup Corso is bringing out a cloud-based planning platform that ties into business plans
|
|
Zeichick’s Take: Radio moves from analog waveforms to digital packets
Streaming radio highlights the need for streaming applications to be designed to take up as little bandwidth as possible
|
|
Appcelerator Acquires Cocoafish to Add Instant Mobile Cloud Capabilities to its Industry Leading Titanium Platform
Appcelerator Offers Messaging, Social, Location and Storage Mobile Cloud Services to All Mobile App Publishers
|
|
ComponentOne Releases a Collection of 40+ UI Widgets Powered by HTML5 and jQuery
ComponentOne has announced the 2012 release of Wijmo: a kit of UI widgets for HTML5 and jQuery development
|
Taking enterprise architecture to the business side
Startup Corso is bringing out a cloud-based planning platform that ties into business plans
|
|
Top five apps to manage your workload
Web applications offer new ways to track your “to-do” lists
|
|
Not so fast when it comes to testing in the cloud
Developers face outsourcing, virtual lab management and mobile devices as obstacles
|
|
Xceed releases UX-focused suite for Microsoft’s WPF
"Blendables" helps match user experiences to developer visions
|
Are you at risk for burnout?
Burnout is a severe problem and it can strike at any time. Here's how to tell if you are nearing the edge.
|
|
Agility, mom, and apple pie
If we're to evaluate the state-of-the-art in software development, we should start with the values espoused in the Agile Manifesto.
|
|
RIM woos developers with free tablet
How do you get more apps ported to the BlackBerry PlayBook? By giving every developer a free tablet, of course!
|
|
GitHire: Use Headhunters to Find Your Perfect Programmer
Are you a hiring manager tired of scouring the job boards? Check out this new service that will find 5 people interested in your jobs.
|
The Hidden Costs of Software Licensing
Moving beyond paper-based software licensing to more flexible, software-based licensing is a business decision. There is a growing trend tow...
|
|
Case Study: You May Need a Development Mechanic
As a contractor for a major financial player in Germany, SOBEGE, a German-based consultancy specializing in embedded IT and web services, wa...
|
|
Ensuring Software Quality at a Major International Bank
One of the world’s leading international banks has adopted AgitarOne technology for delivering generated unit tests for their Java software...
|
|
Load Testing Adobe Flex Applications
Adobe Flex applications may be different from applications you’ve worked with before. For classic HTML web applications, the server does all...
|
Related Articles
HP updates its Application Security Center
Hewlett-Packard announces that its service-based Assessment Management Platform will debut before Labor Day. DevInspect, QAInspect and WebInspect will be receiving upgrades to their security features.
|
Cigital Develops Ready-to-Use Tools for Securing the Smart Grid
Cigital Inc. announced the release of the Guide to Developing a Cyber Security and Risk Mitigation Plan.
|
Zero tolerance for bugs
Static analysis provides a thorough examination of code, allowing testers to see problems and descriptions of their impact on security. Drawbacks include false positive/false negative issues and a lack of a consistent implementation.
|