"Any objective framework for evaluating research efforts is valuable," Gwyn Fisher, chief technology officer for Klocwork, told CRM Buyer. "The ongoing effort by NIST to develop such a framework is very much appreciated by the community and provides a significant benchmark th...
"[Testing's] obviously critical, and it's growing in importance. What's changed is that testing used to be almost exclusively the domain of testers who, by definition, aren't that close to the code. Now, developers are seen to have equal responsibility for security and are expected to pursue rigorous verification of their code before it's ever given to a test team. That's a big paradigm shift for many development teams, but definitely a healthy change where security becomes an organizational responsibility and not just the purview of the test team," Gwyn Fisher, CTO of Klocwork, told LinuxInsider. Klocwork develops static code analysis technology used by software developers and quality assurance (QA) organizations...
Software is an integral part of everything we do now -- drive a car, make a phone call, turn on the TV, get on an airplane and, yes, exercise your right to vote. Is this the same software that just crashed my new cell phone or sent my credit card number off to a hacker in Eastern Europe? Well, not exactly the same software, but yes, it is software, and it is susceptible to the same sort of risks, with perhaps much more at stake...