Access "Klocwork Insight Tool Dynamically Tests Security of Applications"
This article is part of the March 2008 issue of Reviews of six top Web application firewalls
Outside the Sandbox New tool allows developers to work locally, secure globally. Klocwork has introduced an interesting technology that allows individual application developers or working groups to dynamically test the security impact on projects while remaining insulated from the rest of the code. Not long ago, pleas for secure development, particularly for Internet-facing apps, couldn't compete with the imperative to get it developed, get it working and get it deployed. Predeployment reviews have typically focused on QA, but not security per se. No more. Because of celebrated data breaches and regulations, application- and source code-testing products are getting serious attention. Last year, two of the better-known black box app testing vendors, Watchfire and SPI Dynamics, were acquired by IBM and HP, respectively, validating the importance of security vetting for existing applications and those under development. Companies like these and the still independent Cenzic offered themselves as cost-effective alternatives to labor-intensive and very expensive ... Access >>>
Premium Content for Free.
Case Study: Company deploys full disk encryption policy on laptops
One billion-dollar company isn't taking chances with data stored on its laptops. It deployed full disk encryption on every machine, an increasingly popular security strategy.
SonicWALL NSA E5500 product review
Product review of SonicWALL NSA E5500 security tool basic and advanced firewall features, setup, pricing, VPN and wireless security.
Novell's Sentinel 6.0 product review
In this product review of Novell's Sentinel 6.0, an addition to the SIEM market, learn about cost, setup, OS support, configuration and management.
Klocwork Insight Tool Dynamically Tests Security of Applications
Klocwork Insight tool sandbox technology allows developers to test code and security of applications while remaining insulated from the rest of the code.
- Viewpoint: War analogies tread a fine line
- Case Study: Company deploys full disk encryption policy on laptops
Security Services: TraceSecurity Risk Manager
At Your Service
Product review: Palo Alto Networks PA-4050
Imperva SecureSphere Database Gateway product review
Imperva's SecureSphere Database Gateway is evaluated for its installation and configuration, management and monitoring, vulnerability assessment and reporting capabilities.
Security Learning its Role in E-Discovery
Security teams are learning their crucial role in processing e-discovery requests.
Comparative Product Review: Six Web Application Firewalls
No longer can security managers focus only on perimeter and host security. The application has become the prime target for hackers. We review six leading Web application firewalls from Barracuda, Bee Ware, Breach Security, Citrix, F5 and Imperva that help deliver your critical apps securely.
- Security Services: TraceSecurity Risk Manager
Face-Off: Is Security Market Consolidation a Plague or Progress
Bruce Schneier and Marcus Ranum debate the impact of market consolidation on information security.
Interview with Macbook Hacker Dino Dai Zovi
PING: Dino Dai Zovi
E-Discovery Compliance Requires Security Pros to Think As Lawyers Do
Perspectives: Think Like a Lawyer
Researcher Puts Quantitative Measurement on Information Security Threats
Editor's Desk: Score One for Threats
- Face-Off: Is Security Market Consolidation a Plague or Progress
More Premium Content Accessible For Free
The network of today's enterprise is larger and more diverse than ever, which means there's more for hackers to attack. So as enterprises update ...
In the rush to capitalize on big data, many companies forget that developing an ecosystem of structured and unstructured data means higher risk of ...
As the number of Internet-connected devices grows, the potential security challenges of the so-called "Internet of Things," or IoT, can no longer be ...