Software Engineering Scoreboard: a listing of metrics for software development teams to consider. The categories include Technical / Code Metrics, Product Development Metrics, Release Metrics and Process Health Metrics.
Driving the software supply chain
It’s a commonly held belief that applying static analysers alone can help spot and eradicate common security issues. However, static analysis reports a high number of false positives, which makes knowing whether you have detected a real error a time-consuming process, and the mitigation plans put in place might have just hidden the error under a false negative. But what are the alternatives?
Dynamic analysis can be used for detecting potential vulnerabilities in today’s embedded environments. And pairing dynamic and static analysis creates ‘actionable intelligence’ for developers, and allows them to quickly ascertain the absence of obvious reliability issues.