Overview: A pioneer in source code analysis, Klocwork® offers a portfolio of software development tools that ensure the security, quality and maintainability of complex code bases.
KnowledgeStorm's detailed company reports contain important information including: stock symbols, company size, addresses, and more. You may access this additional information about this company by viewing one of the detailed solution reports or research abstracts listed below.
Solutions offered by Klocwork.
Research offered by Klocwork
Challenging Some of the Myths About Static Code Analysis by Klocwork. November 30, 2013 - This paper addresses common myths surrounding static code analysis and explains what the technology can do for developers and the software development lifecycle.
Course: Exposure of System Data to an Unauthorized Control Sphere (CWE-497) by Klocwork. November 08, 2013 - Access this resource for an overview of an online course on CWE-497, which discusses the weaknesses caused by exposure of system data to an unauthorized control sphere. Learn the security impact of this weakness with examples of code to demonstrate the danger to your application security.
Course: Improper Validation of Array Index (CWE-129) by Klocwork. November 13, 2013 - This course begins with an overview of improper validation of array indices. It describes the security impact of the weakness and provides a technical description of the issue, along with code examples to show the vulnerability. Finally, the course describes the remediation strategies available to mitigate the weakness described by CWE-129.
Course: Insecure Temporary Files (CWE-377) by Klocwork. November 13, 2013 - This course begins with an overview of the use of insecure temporary files vulnerability and its common causes. A technical description of the issue is presented along with code examples to show the vulnerability. Finally, the course describes the remediation strategies used to mitigate the weakness described by CWE-377.
Defend Against Injection-based Attacks by Klocwork. December 27, 2013 - This paper provides a detailed description of injection vulnerabilities, discusses how they present themselves to both end users and software developers, and explains mitigation strategies to help resolve the various types of injection attacks.
Embedded Open Source Analysis by Klocwork. April 2008 - This white paper explores the results from an analysis of multiple open source projects that are commonly used in embedded development.
Introducing the Agile Desktop: Achieve high velocity with the Klocwork C/C++ developer's desktop by Klocwork. November 01, 2009 - As Agile is embraced by development organizations everywhere, the need to produce clean, maintainable software quickly is great. To achieve development agility, developers must maintain velocity, eliminate bug debt, and focus on peer interaction. Read this paper to learn how to automate time consuming development activities to boost productivity.
Introduction to Secure Coding for C/C++ by Klocwork. September 19, 2011 - When budgets, customers and reputations are at stake, software developers need every available tool to ensure that applications and code are as secure as possible. Going a step above and beyond, this interactive online learning center provides detailed lessons for securing C/C++ code.
Securing Embedded Software with Threat Modeling by Klocwork. September 02, 2011 - This presentation transcript explains threat modeling for embedded software and how it can be used as part of a strategy for creating more secure embedded software.