FDA Updates Guidance for Managing Cybersecurity for Medical Devices

In a previous post, I discussed the role of static analysis in managing cybersecurity for medical devices. It was in...

Memory Safety Issues Are Still the Leading Source of Security Vulnerabilities

A recent headline was published in several technology news outlets, at ZDNet “Microsoft: 70 percent of all security bugs are...

Integrating Clang Static Analyzer with CodeSonar using SARIF

We have discussed the benefits of using SARIF, an open standard for exchanging static analysis results, in a previous post....

CodeSonar in the SWAMP

INTRODUCTION:

The Software Assurance Marketplace (SWAMP) is an open tool set designed to improve quality and security...