Tag Archives: prevention

Static Analysis Webinars: AppSec and Prevention

Information Security Wordle: OWASP Guide to Building Secure Web Applications and Web Services Wednesday October 30th I’m doing the third part in the appsec static analysis webinar series for Parasoft. The topic for this session is “Strategies for Optimizing Application Security and Defect Prevention“. You can join for free online on Wednesday, October 30, 2013 10:00 AM – 10:30 AM PDT. Dont forget to register here.

Your application security (appsec) and defect prevention strategy is either a liability or a competitive advantage. Even if you are seeing a good ROI from your static analysis implementation, exploring strategies for optimizing application security and defect prevention is still essential for ensuring lowered risk, increased productivity, and brand protection.

In this webinar, I will discuss how organizations can take a proactive approach to securing its applications with a comprehensive tool set that will help development managers and stakeholders sleep better.

I look forward to seeing you there.

Keeping Bugs Out of Your Code

Rare bug I just finished the Parasoft webinar on how to use a development testing platform to do error prevention – I.E. keep bugs out of your code. It’s titled Keeping Bugs Out of Your Code: Why You Need a Development Testing Platform


The surest way to prevent bugs from digging into your code is to design and implement policies that target security and performance. Prevention and policy go hand in hand when it comes to reducing risks associated with complex development processes, such as:

  • Recurring Security Problems
  • Unexpected Behavior
  • Poor Quality

In this webinar, you’ll learn how a Development Testing Platform helps organizations consistently and continuously apply development testing activities that beef up application security, maximize performance, and prevent bugs from infiltrating your code.

I’ve got the slides below, as well as audio in mp3. If you want the whole thing all recorded together you can get it from GoToMeeting.

Download (PDF, 4.13MB)

MP3 Audio (4 MB)

Development Testing – Is It Worth It?

I delivered a webinar yesterday as part of my day job at Parasoft . The topic was “Development Testing – Is It Worth It?”.

I talked about the reasons why Development Testing is useful, how it relates to process, policy, and how you can move from a reactive process of finding bugs to a proactive process of writing code that is resistant to bugs. As the old saying goes, an ounce of prevention is worth a pound of cure, or a week of debugging in this case.

The presentation is general, not designed to push any specific tools, so you should find it helpful. I’ve made both the powerpoint slides and audio available below. You can usually access most of the past webinars and other video content on the Parasoft site.

Take a look for yourself. If you have any comments or suggestions, feel free to mention it in the comments, or email me or reach me on twitter.

(powerpoint) (mp3 audio)

Download (PPTX, 2.52MB)

The webinar invitation read:

Development Testing: Is it Worth It?

Development Testing is a lot like exercising and eating well: pretty much everyone agrees that it’s beneficial and should be done, but few actually achieve it in practice.

A rising number of organizations are flirting with Development Testing by giving developers a static analysis tool and hoping that they use it to prevent defects. This is not unlike packing some raw broccoli and spinach in your son’s lunch box and expecting his health to improve as a result. This approach to Development Testing inevitably fails to deliver the results that organizations have been able to achieve with a comprehensive, policy-driven Development Testing process: reduced risks while cutting development time and costs.

If you can’t bear the business risk associated with defects surfacing in your organization’s software, join our webinar—Development Testing: Is it Worth It?—to learn how to get the maximum risk reduction from your investment in Development Testing. After exploring the dangers of relying on static analysis alone and the top barriers to comprehensive Development Testing, you’ll learn how Parasoft’s comprehensive Development Testing platform can help you:

  • Consistently apply a broad set of complementary Development Testing practices—static analysis, unit testing, peer code review, coverage analysis, runtime error detection, etc.
  • Accurately and objectively measure productivity and application quality
  • Drive the development process in the context of business expectations—for what needs to be developed as well as how it should be developed
  • Gain real-time visibility into how the software is being developed and whether it is satisfying expectations
  • Reduce costs and risks across the entire SDLC