Using Static Analysis with Legacy Code

The adoption of any new tool into an existing software development process and established code base is always a challenge....

FDA Updates Guidance for Managing Cybersecurity for Medical Devices

In a previous post, I discussed the role of static analysis in managing cybersecurity for medical devices. It was in...

Open-source Tools for Binary Analysis and Rewriting

Unfortunately binary-only software is unavoidable; dependencies of active software projects, firmware and applications...

Memory Safety Issues Are Still the Leading Source of Security Vulnerabilities

A recent headline was published in several technology news outlets, at ZDNet “Microsoft: 70 percent of all security bugs are...

The Industrial Internet Reference Architecture and Security Framework

The Industrial Internet Consortium (IIC) is a non-profit, industry group that is investigating and proposing the standards...