Klocwork helps developers create more secure and reliable software. Our tools analyze source code on-the-fly, simplify peer code reviews and extend the life of complex software. Over 1,100 customers in the mobile device, consumer electronics, medical technologies, telecom, automotive, gaming, military and aerospace sectors rely have made Klocwork part of their software development process.

Our Website: http://www.klocwork.com

Latest Content From Klocwork

Whitepaper: Challenging Some of the Myths About Static Code Analysis

by KlocworkJun 13, 2014

Why Static Code Analysis? Static code analysis, or SCA, can be described as the analysis of whole-program source code without the execution of that program. A number of interpretations and even misconceptions about this technology and how it impacts or benefits you, the developer, have emerged over time. You may have heard some of them yourself.

Thankfully, there is also a lot of information about the many benefits SCA provides, from faster project execution, to better source code at

Whitepaper: Defend Against Injection-based Attacks

by KlocworkDec 23, 2013

Injection vulnerabilities allow a malicious attacker to insert specific commands into an application or code that will execute undesired behaviour on their behalf. These attacks usually exploit an application at the point where it requests user input for later processing. The most common types of injection vulnerabilities include SQL Injection, Command Injection, Cross Site Scripting, XPath and LDAP Injection.

This paper provides a detailed description of injection vulnerabilities,

Webcast: Catch the Security Breach Before It’s Out of Reach

by KlocworkNov 19, 2013

Software security breaches can happen in many places, including at the source code level. ?Join us for this interactive, practical discussion to:Understand how data breaches occur in web, desktop and mobile applicationsUncover techniques to recognize and assess potential problems in source codeIdentify potential application security problems in your codeUse automated tools like static and dynamic analysis for weakness detectionOpportunities for vulnerable code breaches are often created

Webcast: Mitigating M2M Security Risks in Critical Embedded Systems

by KlocworkJun 20, 2013

Machine-to-Machine (M2M) communication offers enormous potential to expand the capabilities of devices, including remote wireless management and updates.
However, there are profound security implications as the software running therein must be completely fault-tolerant and hardened from attack.

Join this webinar to learn about:
Common attacks, threats? and security considerations for embedded softwareUsing static analysis to find and fix security vulnerabilities

Whitepaper: Threat Modeling For Secure Embedded Software

by KlocworkApr 30, 2012

As embedded software becomes more mobile and connected, organizations must take additional steps to ensure their code is secure. To accomplish this goal and combat ever-changing security threats, software engineering teams need to incorporate threat modeling, combined with updated tools and processes into their development plans.

This paper examines threat modeling and explains how it can be used in concert with secure development best practices, including defensive coding, automated

Whitepaper: Developing Software in a Multicore and Multiprocessor World

by KlocworkJan 13, 2012

In the push to meet demands for functionality and speed, software teams are moving away from single processor architectures at a rapid rate. But the realities of developing software for these next-gen architectures is adding significant complexity when it comes to identifying errors in the software - specifically concurrency errors and endian incompatibilities.

Our latest technical white paper looks at the issues of developing for multicore and multiprocessor environments in detail,

Whitepaper: The Value and Importance of Code Reviews

by KlocworkJan 13, 2012

Did you know that most code reviews are conducted in an ad hoc fashion, don?t always include the right people, and fail to take advantage of the latest tools and technology? That?s according to new research that looks at the state of peer code review today.

The exclusive study commissioned by Klocwork and conducted by Forrester Consulting provides valuable data and insights that will help you benchmark and improve your peer code review practices, including:

? Identifying

Whitepaper: Challenges of Multi-core and Multi-processor Software Development

by KlocworkJan 13, 2012

In this exclusive research report from VDC, learn how the growth in multi-core and multi-processor architectures is introducing a new set of challenges for embedded software engineering teams, impacting project schedules, and causing cost overruns.

Demanding more sophisticated feature sets, advanced user interfaces, and perpetual connectivity, the next-generation of embedded devices are driving the accelerated adoption of multi-core and multi-processor architectures. This exclusive