Fasoo Launches SPARROW on Cloud

SPARROW, a static code analysis application, is now available as a Software as a Service (SaaS) offering to help organizations quickly detect critical software vulnerabilities at the early stages of software development.  “SPARROW on Cloud“, SPARROW’s cloud solution is an agile, flexible, reliable and cost effective solution that allows organizations to easily manage application security challenges. “IoT has brought an …

Should Developers Have a Spellchecker for Security?

A recent article by Maria Cosgrove in CSO asked the question “Wouldn’t it be nice if software developers had something like spellcheck, but instead of catching simple grammar mistakes, it caught basic security problems?” Very good question, especially when you think about all the cyber security problems and attacks we’ve seen in recent months.  The reality is that developers are …

Add Static Application Security Testing to Your Arsenal

Many companies have significant investments in network security, but it’s not enough because a significant chunk of all cyber-attacks are happening on the application layer. Cyber criminals are increasingly targeting the application stack for exploitation. According to the U.S. Department of Homeland Security (DHS), 90% of security incidents result from exploits against defects in software. The Forrester Wave: Application Security …

Don’t Get Caught With Your Pants Down – Static Application Security Testing Must be part of Security Risk Management

Technology has changed the way we live our lives. Whether we are at work, home or outside, we have become dependent on our computers, mobile phones and the internet. On a daily basis, we all interact with a significant number of applications. Demand for technology has led to an explosion of software we use daily, whether these are applications used in …

[Case Study] Achieving Software Quality and Secure Coding Concurrently

Major National Bank Achieves Software Quality and Secure Coding Concurrently through SPARROW Expansion in electronic financial services requires advancement in software quality and secure coding Report from the Financial Supervisory Service in 2012 states that half of the financial data processing errors were caused while modifying the program. For businesses related handling of financial transactions, the quality assurance of the …