Tool Scans Software Code for Holes

Submitted by Karthik on 24 May, 2004 - 09:59

PCWorld is carrying an interesting story on a new tool that is being released expressly to identify and combat security holes in compiled software.

On Monday, @stake, of Cambridge, Massachusetts, will unveil SmartRisk Analyzer, an application security modeling and analysis tool that scans computer code written in the C, C++, and Java languages for flaws like buffer overflows that, if left undetected, pose security risks for customers using finished software products.

The product compares code to an @stake database of about 400 security and code reliability rules. It can generate reports that list flaws by type or rank them by severity. A remediation module marks erroneous code in an environment that resembles the integrated development environments most software developers work in, and appends suggestions for ways to fix coding mistakes, @stake said.

Innovative name for a security company ;)