
Recommended Application Security Testing (AST) Techniques
There are some very interesting takeaways from Gartner’s recent report “How to Deploy and Perform Application Security Testing” (published March 20, 2020, Gartner subscription required). Primarily, “application security testing (AST) is a critical practice within the software development life cycle (SDLC) and covers multiple techniques, from early development stages through to, and including, production.” Clearly, …

GrammaTech Bug-Injector Research Receives IEEE SCAM 2019 Distinguished Paper
During the International Working Conference on Source Code Analysis & Manipulation (SCAM), a GrammaTech research publication was awarded the Institute of Electrical and Electronics Engineers (IEEE) Computer Society TCSE (Technical Council on Software Engineering) Distinguished Paper Award. The paper, “Automated Customized Bug-Benchmark Generation,” describes Bug-Injector, a system that automatically creates benchmarks for customized evaluation of static analysis tools. This work …

Make the most of the C/C++ static analysis tools
Static code analysis is the process of detecting flaws in software's source code. Static analysis tools are useful for detecting common coding mistakes; some benefits of using them are: making the source code more readable and maintainable, preventing unexpected behavior during execution, optimizing execution, and making the code more secure. Many C/C++ static analysis …

Explore a flexible C/C++ SonarQube plugin based on CppDepend.
Both CppDepend and SonarQube are static analyzers that offer a rule-based system to detect problems in C/C++ code. However, the CppDepend default Rules-Set has very few overlaps with the SonarQube rules. Basically, the SonarQube rules are good at analyzing what is happening inside a method, the code flow while the CppDepend code model, on which the …

How Sound Static Analysis Complements Heuristic Analysis
Not all static analysis tools work the same way; there is in fact a spectrum of tools that use a variety of techniques, ranging from relatively simple syntactic analysis to very sophisticated abstract-interpretation-like algorithms that reason about potential executions. Each approach has its strengths and weaknesses, and tools like GrammaTech CodeSonar often use a combination …

Tainted Data and Format String Attack Strike Again
A recent code execution vulnerability (we also call this a code injection vulnerability) was discovered in Palo Alto Networks' GlobalProtect SSL VPN, a product that handles SSL handshakes, and in particular in certain versions of the software running on these products, PAN-OS. The vulnerability was discovered by security researchers Orange Tsai and Meh Chang and documented on their blog. …