testing

Static Testing is a well-known and beneficial concept within the testing space, but tightened budgets and looming deadlines can hinder the benefits. Here are few suggestions on how taking a risk-based approach to static testing can help realize the benefits.

The new Regulation National Market System (Reg NMS) has brought in major changes in the structure of the equities markets in the USA. As the original NMS framework dates back almost three decades, it is obvious that the old framework cannot fit into the intricate trading systems of the present era.

Based on a recent study by Gary McGraw and other well known security gurus, all major product security teams apparently use fuzzing. But most (even security specialists) still seem to misunderstand what fuzzing really is about. Enter the world of fuzzing!

Organizations use IT for service enablement and IT has proven itself to be essential to provide the levels of service that customers demand.

A survey by AppLabs finds that more than 25% of respondents are concerned that their websites are at risk for failure. AppLabs is the largest independent global IT services company specializing in quality management, testing, and certification solutions.

Now something completely unrelated to VoIP: Reason behind all vulnerabilities in software! I read an article that explained how vulnerabilities are basically created by the fact that people tend to drift from good development principles into practices that are just simply Fun. The engineers among us know that software development can be enormously interesting, something you would happily even do in your leisure time. But can fun be converted into reliable software?

Coverity, the leader in improving software quality and security, announced that the company’s CEO, Seth Hallem, has been recognized by the Massachusetts Institute of Technology (MIT) Technology Review magazine as one of the world’s top innovators under the age of 35, for contributions in the field of software quality and testing. Selected by a panel of expert judges and the editorial staff of Technology Review, those named to the TR35 represents an elite group of accomplished individuals who exemplify the spirit of innovation.

I am curious how people can conduct penetration tests of a complex VoIP system when they barely understand how VoIP infrastructure works. Today, security people are still stuck to auditing practices from 1990s. When asked to do a penetration test, a consultant often is only looking at past issues that can be detected using various vulnerability scanners. Very few of them know that vulnerability scanners have extremely bad coverage of vulnerabilities in VoIP solutions. And even if the tools did know VoIP, who really cares about past issues that might have been relevant several years ago.

Join Coverity for a web seminar to learn more about Coverity Software Readiness Manager, our newest product for ensuring superior software integrity. Today’s development managers and executives need objective, reliable data so they can make informed decisions about code readiness and risk. Software Readiness Manager delivers key intelligence about your Java code bases, allowing you to: • Objectively determine if code is ready to ship • Reliably assess the quality of existing/acquired/outsourced/open source code • Correlate code coverage with risk to ensure adequate testing