Wouldn’t it be cheaper to write secure code in the first place? One of the fastest growing areas in the software security industry is source code analysis tools, also known as static analysis tools.

We may not see perfect source code in our lifetime, but we are seeing much better analysis tools and promising new approaches to remedy the problem.

Image Credits: GitHub In the background, this new feature uses the CodeQL engine, GitHub's semantic analysis engine to find vulnerabilities in code, even before it has been executed.

A year ago the Department of Homeland Security contracted with Coverity, a maker of a source code analysis tool, to harden open source software. (Stanford University and Symantec are also involved ...

That’s where source code analysis (SCA) tools fit in. Historically, SCA tools have not provide insight into AI, but that’s now changing.

New Pega Blueprint features allow organizations to quickly create modern, cloud-native applications from a wide array of legacy system assets Organizations can upload documents, code analysis ...

Finite State's advanced binary and source code analysis and software bill of materials (SBOM) solutions will complement SomosID's IoT asset registry, enabling enterprises to: ...

Image Credits: GitHub In the background, this new feature uses the CodeQL engine, GitHub’s semantic analysis engine to find vulnerabilities in code, even before it has been executed.