Static Code Analysis in an Agile World

To keep pace with ever-increasing customer demands on software functionality and time-to-market expectations, software developers have had to evolve the way they develop code to be both faster and higher quality. As part of this trend, the Waterfall method of software development began to give way in the late 1990s to a more lightweight method of software development: Agile.

Get Whitepaper

TotalView for OpenPOWER, CUDA, and OpenMP

This talk from ScicomP 2015 helps you debug numerical simulations better by reviewing best debugging practices for CUDA and OpenACC-accelerated applications and discussing the development of OpenMP-specific tracing and debugging interfaces (including the OMPD interface for performance analysis).

View Now

Fuzz Testing Maturity Model

Fuzz testing is an industry-standard technique for locating unknown vulnerabilities in software. Fuzz testing is mandatory portion of many modern secure software development life cycles (SDLCs), such as those used at Adobe, Cisco Systems and Microsoft. This document provides a framework to assess the maturity of your processes, software, systems and devices. At the heart of this document is a vendor-agnostic maturity model for fuzz testing that maps metrics and procedures of effective fuzz testing to maturity levels. The maturity model is a lingua franca for talking about fuzzing, allowing different organizations to communicate effectively about fuzzing without being tied to specific tools.

The Fuzz Testing Maturity Model (FTMM) gives builders and buyers a set of standard levels for communicating about fuzz testing.

Synopsys solutions help deliver a more comprehensive security offering for the SDLC by adding black box testing capabilities, including the Codenomicon Defensics® tool for file and protocol fuzz testing, and the Codenomicon AppCheck™ tool for software composition analysis and vulnerability assessment.

Get Whitepaper

What is Fuzzing: The Poet, the Courier, and The Oracle

Fuzzing is well established as an excellent technique for locating vulnerabilities in software. The basic premise is to deliver intentionally malformed input to target software and detect failure. A complete fuzzer has three components. A poet creates the malformed inputs or test cases. A courier delivers test cases to the target software. Finally, an oracle detects if a failure has occurred in the target. Fuzzing is a crucial tool in software vulnerability management, both for organizations that build software as well as organizations that use software.

Get Whitepaper

Build VS. Buy: Calculating The ROI For Embedding Analytics Capabilities In Your Software Applications

The first step in tackling the "build versus buy" question is understanding the requirements: what end user functionality is desired, prioritizing the needs, and then evaluating the feasibility of building such capabilities.

Get Whitepaper

Embedded Analytics 101 – What it is and Why You should Care

Embedded analytics is the technology that integrates analytic capabilities into software applications. When implemented successfully, embedded analytics can bring to life the data collected by your applications and provide a superior user experience.

Get Whitepaper

The Product Delivery Problem (Hint: It’s Not You)

For product managers and their counterparts, the road to launch is a fight to keep every task, every detail, every change grounded in business goals. It’s not enough to be fast. Or to deliver the right product. You need to do both. This requires:

• Balancing the needs of many stakeholders to define a set of requirements for what’s being built, why and how.

• Prioritizing and re-prioritizing “must-have” mandates from multiple voices—everyone from front-end users to engineers to sales to support.

• Ensuring that what gets built is what every one expects.

This white paper outlines surefire ways you can establish and maintain a strong connection between intended outcomes, development methodologies and customer value.

Get Whitepaper

ESG Brief: Enhancing Database Environments with NetApp Storage

Organizations of all kinds rely on their relational databases for both transaction processing and analytics, but many still have challenges in meeting their goals of high availability, security, and performance. Whether planning for a major upgrade of existing databases or considering a net new project, enterprise solution architects should realize that the storage capabilities will matter. NetApp’s systems, software, and services offer a number of advantages as a foundation for better operational results.

Get Whitepaper

Profiting from the Transition to Physical + Digital Solutions

Technology trends impacting network equipment providers include increasing software intellectual property (IP) component in physical products, mainstreaming of virtualization technology, the ability to decouple software from hardware and an increasing desire for service providers and enterprises to transition from using custom hardware to generic, commercial off the shelf (COTS) hardware powered by software.

Get Whitepaper

Testing SAP Solutions For Dummies

In this eBook, we share how IBM software and solutions can help an organization manage quality and begin testing SAP solutions and the integrations they depend on earlier, continuously, while testing smarter.

Get Whitepaper

Version Everything for Outstanding DevOps Performance

Over the last five years, the DevOps movement has brought Development and Operations teams together to meet the common goal of releasing better-quality software faster.

A key to DevOps success is the adoption of and adherence to a much advocated best practice: version everything.

Get Whitepaper

Development Testing For Java Applications

Learn how the Coverity Development Testing Platform can be used in conjunction with open source solutions to help you fix more of the quality and security issues in your Java code that matter, with your existing resources and a unified process across the enterprise.

Get Whitepaper

Development Testing for C# Applications

Static analysis shouldn’t be about finding loads of coding style or standard issues. It should be focused on finding the most critical defects. Although traditional byte code analysis solutions such as FxCop are useful, they can miss critical, crash causing defects - plus produce a large set of coding style issues, which can slow down the development team. Learn how the Coverity Development Testing Platform can help you:

• Find and fix resource leaks, concurrency problems and null references within Visual Studio

• Eliminate defects such as inconsistent indention issues and copy paste errors that can only be found by understanding the intent of the programmer through source code analysis

• Understand the impact of change to better prioritize and focus your automated testing efforts

Get Whitepaper

Development Testing for Agile Enterprises: Helping Teams Maximize Velocity

Companies need to get their products to market faster to remain competitive and capitalize on market opportunity. Learn how the Coverity platform seamlessly integrates with Agile development methodologies and tools to help maximize development efficiencies.

Get Whitepaper

The Great Security Divide

How do you get your development team to collaborate with you to achieve more secure software? Learn some of the common pitfalls to avoid as you work on building a long term, more strategic relationship with development.

Get Whitepaper