Software Exposes Bugs Early
LogicLibrary application helps developers improve software quality, reduce quality-assurance times, and ensure secure software distribution.
LogicLibrary Inc., a maker of automated software-quality applications, this week will unveil software to help developers expose vulnerabilities before viruses, bugs, and Trojan horses start attacking internal users and customers.
The new software, Logiscan 2.0, also is integrated with LogicLibrary's asset-management product, Logidex. Logiscan analyzes binary code for both commercial and in-house developers and directs customers in real time to vulnerabilities within the source code. Such information could improve software quality, reduce quality-assurance times, and help ensure secure software distribution.
Logiscan 2.0 includes support for Sun's Java 2 Enterprise Edition programming language and Sparc processors, expanded reporting options, and easier-to-understand visualization. The software provides binary analysis of J2EE and views into vulnerabilities such as buffer overflows and cross-site scripting. Customers also can analyze binary code in aggregate or trend reports. The aggregate versions let developers view a complete list of vulnerabilities so they can zero in on one quickly. Trend reports provide a list of all the updates made to an application.
LogicLibrary's new AppExplorer graphical user interface lets users scan across multiple applications or focus in on one of them to trace data from the point of vulnerability to the eventual problem.
Logiscan is sophisticated because of the way it uses binary analysis to find flaws that might otherwise be found only when hackers exploit them after the apps come in contact with outside services, IDC analyst Melissa Webster says. The tool also is of great value to third-party software users who don't have access to source code, she says. "The business need for LogicLibrary, as with any security vendor, is to reduce risk for apps that exist beyond the perimeter," she says. "It's very difficult for any app developer to know all the ways that their software can be exposed."
About the Author
You May Also Like
2024 InformationWeek US IT Salary Report
May 29, 20242022 State of ITOps and SecOps
Jun 21, 2022