Memory Safety Issues Are Still the Leading Source of Security Vulnerabilities

A recent headline was published in several technology news outlets, at ZDNet “Microsoft: 70 percent of all security bugs are...

Integrating Clang Static Analyzer with CodeSonar using SARIF

We have discussed the benefits of using SARIF, an open standard for exchanging static analysis results, in a previous post....

CodeSonar in the SWAMP

INTRODUCTION:

The Software Assurance Marketplace (SWAMP) is an open tool set designed to improve quality and security...

The Role of Static Application Security Tools (SAST) in DevSecOps

The term DevSecOps is a contraction of DevOps, itself a contraction of Developer Operations, and Security. It’s the in-vogue...