Fasoo Launches SPARROW on Cloud

Ron Arden Application Security Testing Leave a Comment

SPARROW, a static code analysis application, is now available as a Software as a Service (SaaS) offering to help organizations quickly detect critical software vulnerabilities at the early stages of software development.  “SPARROW on Cloud“, SPARROW’s cloud solution is an agile, flexible, reliable and cost effective solution that allows organizations to easily manage application security challenges. “IoT has brought an …

What is Lurking Inside Your Applications?

Ron Arden Application Security Testing, Cybersecurity, Data breach, Data security Leave a Comment

While everyone still draws attention to the need for protection from cyber-attacks and the need for firewalls, intrusion prevention systems, and similar tools, recent highly publicized breaches have been raising awareness on weaknesses in software developed and used. The market is now forced to focus on how to identify and remediate vulnerabilities within applications themselves as things like buffer overruns, …

[Case Study] Achieving Software Quality and Secure Coding Concurrently

David Kwag Application Security Testing Leave a Comment

Major National Bank Achieves Software Quality and Secure Coding Concurrently through SPARROW Expansion in electronic financial services requires advancement in software quality and secure coding Report from the Financial Supervisory Service in 2012 states that half of the financial data processing errors were caused while modifying the program. For businesses related handling of financial transactions, the quality assurance of the …

The Application Security Testing Tool Every Enterprise Should Have

David Kwag Cybersecurity Leave a Comment

Software security faces a variety of challenges before to ensuring that the software is secure. The first is to correct the security defects no matter what the category is. The second is being able to cover a big enterprise-wide based portfolio of applications to ensure their security as well. Source code analysis, more specifically, static application security testing or otherwise …