The survey responses, including the rating of compliance with each question or feature, are provided by the tool vendors directly. However, the TDWG reserves the right to review and correct any "informational injustices" (i.e. exaggerated answers).
establish a methodology for evaluating software assurance tools
Source Code Security
Analyzers – This class of software tools examines source code
files for security weaknesses and potential vulnerabilities
Web Application Vulnerability Scanners – These tools crawl a web application’s pages and search the application for vulnerabilities by simulating attacks on it
A new effort on Binary Code Scanners - Similar to source code security analyzers, this class of tool analyzes a compiled binary application, including libraries, and provides a report of code weakness over the entire application.
The SAMATE Reference Dataset (SRD) - A community repository of example code and other artifacts to help end users evaluate tools and developers test their methods
Third annual Static Analysis Tools Exposition, which is in progress. The goals are to
enable empirical research based on large test sets,
encourage improvement of tools, and
speed tool adoption by objectively demonstrating their use on real software.
Requirements Definition and Management for DummiesSmart businesses know that high-quality requirements are the cornerstone of any successful software development project. This fun and friendly ebook is an introduction to the role that is central to requirements: the Business Analyst. It explains why the role is so critical and how Business Analysts are transforming software projects.
Mega has a clear identification and understanding of stakeholder expectations across
the entire organization
Web-based integrated
platform that includes EA, GRC, and application portfolio management, and delivers
an integrated set of solutions that deliver operational excellence for organizations
facing complex integration issues with business and technology
Mega consistently integrates industry best practices in many aspects of its product
offering. One example is the Object Management Group's Meta Object Facility (OMG MoF
2)-compliant repository