A recent article by Maria Cosgrove in CSO asked the question “Wouldn’t it be nice if software developers had something like spellcheck, but instead of catching simple grammar mistakes, it caught basic security problems?”
Very good question, especially when you think about all the cyber security problems and attacks we’ve seen in recent months. The reality is that developers are still writing software with security vulnerabilities. As project timelines contract and more people are involved, the development cycle becomes more complex and is prone to problems. If the problems were rarely seen bugs, it would be one thing, but why are there so many basic errors inside a lot of software?