Source Code Analysis - Essay Example

Summary
Software security is an important requirement for any business organization, particularly those dealing with software development. Getting all the involved stakeholders on board is vital for making certain that an organization's code remains secure without compromising safety. …

Extract of sample "Source Code Analysis"

YourFirst YourLast
05 March

Source Analysis

SCA (Source Analysis) is an automated technique employed to debug a computer application before it is distributed. As pointed out by the director of Klocwork, numerous barriers contribute to a company's failure to conduct effective SCA. One prominent factor is a prolonged software evaluation process (Murphy n.p). An extended evaluation process is costly in terms of both wasted human resources and financial resources. Companies are also accused of being too choosy when deciding on the appropriate application. No single application is designed to execute all the tasks in one package; having a combination of these tools working together is the way to go. Application developers are also sometimes accused of failing to conduct SCA out of negligence. Software developers sometimes worry about being profiled according to the number of defects in their code. The Klocwork director advises that finding and fixing the defects in the code improves the overall ranking.

Balancing Between Speed and Security in App Development

The demand for top-notch applications is increasing among business organizations around the world. Organizations need custom-made applications both for internal users within the organization and for external purposes (Bubinas n.p). Underperforming apps can severely jeopardize a business organization's activities, especially in terms of competing in the global market. Companies are continuously faced with the challenge of striking the correct balance between speed and security when pursuing application development plans. According to experts, this challenge usually poses a great threat to an organization if it makes the wrong choice. Addressing this issue, an official for Aetna argues that it is possible to get the most out of app development productivity without sacrificing security.
Getting all the relevant personnel on board with an organization's app security procedures and guidelines is vital in ensuring the organization is not exposed to internal leaks and external attacks. An organization's all-round commitment to security is the only way to ensure that business channels and activities are protected at all times (Bubinas n.p). With this in mind, it becomes easy to persuade business executives to adopt a process that is cost efficient, saves many financial resources, improves the quality of the business processes, and most importantly, reduces business risk. Once they are convinced, obtaining clearance and approvals for implementing all-inclusive software security programs becomes even easier.

Information Technology professionals intending to gain support for their proposals for implementing app development security need to master the right approach and should therefore arm themselves with a strong and comprehensive plan. They need to draft a plan that deals with gray areas at every level. In particular, opposition will remain the biggest hurdle if app developers believe that the proposed security policies will have a negative effect on their achieving set targets and deadlines. With an approach that puts together tools to ensure maximum security without negatively affecting output, the case for a committed method to security is stronger and better placed to be accepted passionately. For instance, the official highlights the positive financial effects of identifying app defects well in advance. It is a principal gain of high-quality, fully developed software security solutions.

The facts are apparent: software security is an important requirement for any business organization, particularly those dealing with software development. Getting all the involved stakeholders on board is vital for making certain that an organization's code remains secure without compromising safety.
By understanding and presenting the advantages of the technology as a component of a wholesome software security approach, IT experts can make a convincing case, which leads to organization-wide acceptance and adoption.

Automotive Hacking and Cybersecurity

Automotive hacking is now a reality. Hackers are taking advantage of vehicles' susceptibility to access their computer systems illegally. As demonstrated in the report dubbed "60 Minutes," DARPA, a research body under the umbrella of the Department of Defense, displayed the vulnerabilities of the GM (General Motors) OnStar computerized system, gaining access to and eventually largely controlling the Chevrolet Impala vehicle (Jaclin n.p). The report demonstrated how engineers dialed into the vehicle's system, transmitting a bug that contained malicious code. The malicious code readjusted the contents of the OnStar program, giving the engineers access to the car's operations and functions. The report revealed vulnerabilities that car manufacturers need to address urgently. Criminals will soon start digitally gaining access to vehicles through the back door, something that is potentially dangerous for unsuspecting individuals (Bubinas n.p). There is a need for these companies to invest their resources in static code analysis and other associated software solutions that can detect defects in the early stages of development. Failure to tackle this issue may pose a serious threat to the world.

Software Development Life Cycle

SDLC (Software Development Life Cycle) is the procedure adopted in developing a software product. It is the prearranged method of developing software applications. Most companies have a structured way of developing software. These methods are required to be secure in every way to ensure safety and protection from malicious attacks. The threat landscape demands that every application be secure to thwart any attacks.
New-generation hackers are targeting business organizations, for either profit or fun. Such attacks can cause major reputational risks and financial losses. To avoid such business risks, adopting the S-SDLC becomes vital in streamlining security. S-SDLC emphasizes combining security measures into the SDLC. Combining S-SDLC into a company's structure has numerous gains in ensuring a safe product (InfoSec Institute n.p).

Open Source Vulnerability

The recent discovery of the Heartbleed vulnerability caused a tremendous stir in discussions surrounding open source security. While the majority of experts argued that open source cannot be fully secured, others downplayed the incident as an anomaly that required companies to improve their security efforts. The recent discovery of another bug associated with Heartbleed rekindled the arguments over whether businesses should continue using open source. Shellshock, the new bug, is believed to be more devastating than Heartbleed. Companies need to invest heavily in the acquisition of top-quality Open Source Security Equipment able to offer protection to their resources. Open Source Scanning tools can show accurately how open source is being utilized throughout the company (Cope n.p). This insight is vital in making certain that the organization is upholding best practices in its adoption of open source, thereby limiting the organizational risks of data loss. Major developments are being made in the realm of open source, with open source solutions currently more popular than ever before. The growing influence of open source software has been noticed, with proposed legislation dubbed the "Cyber Supply Chain Management and Transparency Act of 2014." The legislation demands that all sellers alert all potential customers to all coded scripts implanted in their applications (Cope n.p).
The legislation also requires that vendors prove that there were no cyber security-related problems with the offerings.

New Strategies for Delivering App Development Security

Considering how extensively applied and vital applications have now become for companies in most business sectors, it is somewhat surprising that app development security is not given the status it deserves. Applications normally keep information that is sensitive in nature; if leaked, this information could be potentially disastrous to the reputation of the organization (Bubinas n.p). Reports have in the past highlighted the need to safeguard this information, and added weight to the idea that companies need to embrace fresh techniques and tools if they want to make certain that efforts directed towards app development remain safe. Most respondents participating in a study did not give the correct answer about providing protection to sensitive information. The high rate signifies a negative trend that needs to be addressed urgently. Apart from training staff on app development security, there is a need to deploy fresh and improved security tools. In addition, organizations need to invest in security training workshops for their software and app developers. Such learning efforts can make certain that information technology experts are able and willing to make the most of Static Code Analysis (SCA) and the other tools available to them (Bubinas n.p).

Development Approaches; the Biggest Software Security Issues

According to Kenneth van Wyk, a software security consultant, the biggest challenges are often related to the app developer's mindset. The consultant argued that numerous security mistakes are avoidable if application developers are less trusting and if they consider more than functionality when developing software. The consultant notes that the two subjects originate from a lack of attention to security.
Kenneth van Wyk argues that focusing on developing functionality alone, while neglecting the prevention of unspecified functionality, leads to vulnerabilities and leaves one unable to anticipate possible attacks. Preventing code from executing unwanted tasks is as important as developing functionality (Cope n.p). Getting the right balance is usually the biggest challenge facing app developers. The consultant advises developers to give their code some security direction.

Anticipating Security Issues

To overcome their predisposition to not foresee security issues and to focus wholly on the functionality of the apps, developers need to adopt a more active position in comprehending how information passes through software and in expecting exceptions. They need to pay more attention to input authentication processes (Paul n.p). By adopting authentication approaches, app developers can heighten the firmness of their programs.

Works Cited

Bubinas, Chris. Developer Buy-In Key For Application Security. Klocwork 2014. Web. 5 Apr. 2015. <http://blog.klocwork.com/software-security/developer-buy-in-key-for-application-security/>

Bubinas, Chris. Latest Open Source Vulnerability Further Highlights Importance Of Security. kloctalk. N.p., 2015. Web. 5 Apr. 2015.

Bubinas, Chris. New Tools, Strategies Needed To Deliver Application Development Security. kloctalk. N.p., 2015. Web. 5 Apr. 2015.

Bubinas, Chris. The Biggest Software Security Issues Are In Development Approaches. kloctalk. N.p., 2015. Web. 5 Apr. 2015. <http://blog.klocwork.com/software-security/the-biggest-software-security-issues-are-in-development-approaches/>

Cope, Rod. Congress Puts Focus On Open Source Security. kloctalk. N.p., 2015. Web. 5 Apr. 2015.

Cope, Rod. Open Source Software Increasingly Reliable, But Security Still An Issue. kloctalk. N.p., 2015. Web. 5 Apr. 2015. <http://blog.klocwork.com/software-security/open-source-software-increasingly-reliable-but-security-still-an-issue/>

Cope, Rod. Two Sides Of The Same Coin: Open Source Security. kloctalk. N.p., 2015. Web. 5 Apr. 2015. <http://blog.klocwork.com/software-security/two-sides-of-the-same-coin-open-source-security/>

InfoSec Institute. Introduction To Secure Software Development Life Cycle - Infosec Institute. N.p., 2013. Web. 5 Apr. 2015. <http://resources.infosecinstitute.com/intro-secure-software-development-life-cycle/>

Jaclin, Jessica. In Demonstration, DOD Hacks Onstar, Gaining Control Of Car. kloctalk. N.p., 2015. Web. 5 Apr. 2015.

Murphy, Patti. 7 Habits For Highly Ineffective Source Code Analysis. kloctalk. N.p., 2015. Web. 5 Apr. 2015. <http://blog.klocwork.com/software-quality/7-habits-of-highly-ineffective-source-code-analysis/>

Paul, Mano. The Ten Best Practices For Secure Software Development. Webcache.googleusercontent.com. N.p., 2015. Web. 5 Apr. 2015. <http://webcache.googleusercontent.com/search?q=cache:fHB8JjqgCqgJ:https://www.isc2.org/uploadedfiles/%28isc%292_public_content/certification_programs/csslp/isc2_wpiv.pdf+&cd=1&hl=en&ct=clnk>