In this post we explore why the HP Laptop is exploitable, and offer a better mechanism for installing debug code that ensures this issue cannot reoccur.Read More
With 50% of recalls in recent times being due to software faults, and the average car’s software content to reach over 300mil lines within the decade, Automotive OEMs and their suppliers are working to improve development processes which can produce reliable software, and continue to increase consumer confidence in connected car technology.Read More
It’s a commonly held belief that applying static analysers alone can help spot and eradicate common security issues. However, with the high number of false positives reported when using static analysis, it makes knowing if you have detected a real error a time-consuming process, and the mitigation plans put in place might have just hidden the error under a false negative. But what are the alternatives?
Dynamic analysis can be used for detecting potential vulnerabilities in today’s embedded environments. And pairing dynamic and static analysis creates ‘actionable intelligence’ for developers, and allows them to quickly ascertain the absence of obvious reliability issues.Read More
“The universal use of components in application development means that when a single vulnerability in a single component is disclosed, that vulnerability now has the potential to impact thousands of applications — making many of them breachable with a single exploit,” said Chris Wysopal, CTO, CA Veracode.Read More