Paul Anderson, Author at Security Boulevard
Why NPATH is a Terrible Code Metric

Why NPATH is a Terrible Code Metric

|
I’m on a MISRA committee to specify a standard for code metrics (aka measures) for software quality. The committee was formed to fill a gap: there are no good comprehensive standards for code metrics. There are several lists of metrics that are available, such as the HIS (Hersteller Initiative Software) ... Read More
MISRA C:2012 Rule 1.3 and the Dark Underbelly of C and C++

MISRA C:2012 Rule 1.3 and the Dark Underbelly of C and C++

MISRA C is a set of guidelines for the safe use of the C programming language mainly targeted for its use in safety-critical embedded systems.  Many of its rules and directives are meant to help software developers write code that is easier to understand and maintain. Software development is teamwork ... Read More

The DevSecOps Journey: Achieving Security at Speed and Scale

|
Before DevOps dramatically transformed the application development process, a typical application development scenario went like this: Application developers created their application, system or code and spun up their accompanying server, and then submitted an access request or firewall configuration change to the security team, which would then take weeks to ... Read More