The Role of Static Analysis in Assessing Trustworthiness of IIoT Software

In a previous post I introduced the Industrial Internet Consortium (IIC), the reference architecture and the concepts of...

Tainted Data and Format String Attack Strike Again

A recent code execution vulnerability (we also call this a code injection vulnerably) was discovered in Palo Alto Networks’...

The Role of Static Analysis in the SAE J3061 Cybersecurity Process Framework

The Society of Automotive Engineers (SAE) J3061 cybersecurity process framework was created to address a large disconnect...

What is Static Application Security Testing (SAST)?

We often get the question from developers and engineering managers: “What is SAST?” often followed by “Ok, what do SAST...