Software development platform ensures application security

Providing multi-language support for C, C++, C# and Java, combined with straightforward integration of our own static analysis tools, users are now able to apply in-house security rules, as well as external coding standards and sets of common weaknesses, such as CERT and CWE. This ensures potential issues and existing weaknesses in legacy code are highlighted and therefore resolved before the product release.

Robert Seacord, founder, Secure Coding Institute, commented “PRQA’s QA·C analyser is effective at discovering violations of The CERT C Coding Standard that were not discovered through 20 years of testing or by other static analysis tools”. He continues “Overall, the QA·C analyser is an effective tool for eliminating secure coding flaws that can easily lead to software vulnerabilities”.

With the rapidly growing IoT and resulting interconnectivity, application security has never been so essential – especially for software deployed outside classical IT security infrastructure. According to the leading analyst firm Gartner, the number of devices represented in the IoT is likely to reach 6.4bn over the next 12 months – a growth of 30%. This puts unprecedented pressure on application developers to produce secure and robust products and deliver a sublime customer experience.

Paul Blundell, CEO and Founder, PRQA added “we have been helping software developers enable functional and compliant software development for over 30 years and recognise the changing requirements of our customers. It is no longer enough to have compliant and functional software – it must also be secure in an increasing complex and rapidly evolving ecosystem. Our latest solution set ensures organisations, both large and small, can not only assess existing vulnerabilities in legacy code, but also apply best practice to new developments, across multiple coding languages”