Sloppy coding + huge PSD2 changes = Lots of late nights for banking devs next year – The Register

In the recent article by By John Leyden, “Sloppy coding + huge PSD2 changes = Lots of late nights for banking devs next year” He discusses the impact of poorly written code, and the significant security risk and challenges the banks will face in the next 12 months. Bad coding and poor software quality have practical…

Read More

Migrate and Modernise Old Applications: How Difficult Can It Be? Or, Remember Fortran, Anyone?

This article was inspired by a NASA competition announcement early in 2017 seeking help to update an old FORTRAN application. Here, we examine what’s the best course of action for migrating legacy applications to a modern environment – bugs and all.

Read More

Actionable Intelligence For Software Security

It’s a commonly held belief that applying static analysers alone can help spot and eradicate common security issues. However, with the high number of false positives reported when using static analysis, it makes knowing if you have detected a real error a time-consuming process, and the mitigation plans put in place might have just hidden the error under a false negative. But what are the alternatives?

Dynamic analysis can be used for detecting potential vulnerabilities in today’s embedded environments. And pairing dynamic and static analysis creates ‘actionable intelligence’ for developers, and allows them to quickly ascertain the absence of obvious reliability issues.

Read More