DevSecOps in Safety Critical Avionic Software and the Role of Static Analysis

DO-178C, Software Considerations in Airborne Systems and Equipment Certification, is a standard published by RTCA, Inc and...

Using SARIF to Extend Analysis of SAST Tools

The static analysis interchange format (SARIF) is now an approved OASIS standard. We have discussed in other posts the...

Recommended Application Security Testing (AST) Techniques

There are some very interesting takeaways from Gartner’s recent report “How to Deploy and Perform Application Security...