Large-scale software systems are staggeringly complex works of engineering. Bugs inevitably come with the territory and for decades, the software profession has looked for ways to fight them. We may ...

In December 2021, a vulnerability in a widely used logging library that had gone unfixed since 2013 caused a full-blown security meltdown. The 10/10-rated Log4Shell flaw in Log4j, an open source ...

Klocwork Insight for C/C++ and Java brings static source code analysis to Java developers. It can help improve code quality while reducing bugs and addressing security vulnerabilities. Its latest ...

The high cost of finding and patching application flaws is well known. Wouldn’t it be cheaper to write secure code in the first place? One of the fastest growing areas in the software security ...

Etherscan, one of the most commonly used Ethereum blockchain scanning websites, introduced a tool that uses artificial intelligence (AI) to help users interpret the source code of smart contracts, ...

Lehigh University researchers have built the first "AI for Science" software tool designed to support the entire project workflow for research scientists. Dr. Claw is an open-source, full-stack AI ...

The Open Source Security Foundation (OpenSSF), a Linux Foundation-backed initiative has released its first prototype version of the 'Package Analysis' tool that aims to catch and counter malicious ...

Have you ever thought of how tools like Checkstyle or FindBugs perform a static code analysis, or how Integrated Development Environments (IDEs) like NetBeans or Eclipse execute quick code fixes or ...