• How to Defend Against Injection Attacks

    This resource focuses on the prevention of injection vulnerabilities which refers to the ability of an attacker to insert specific commands into the application or code that will execute undesired behavior on their behalf.

  • How Static Analysis Automates Agile Software Development

    Agile software development has become more common and necessary practice. However, to fully realize the benefits of Agile software development, software development teams must implement a reliable process for ensuring that their code is free of defects and security vulnerabilities.

  • Static Code Analysis and Why Klocwork Is Different

    Learn the basics about static code analysis and how Klocwork improves developer productivity and reduces time spent identifying different types of application issues.

  • Achieving AUTOSAR C++14 Compliant Code with Klocwork

    Despite the increase in developer productivity from the use of new language features, the requirement to produce software compliant safety-critical standards.

  • Bringing Static Code Analysis to Continuous Integration

    It starts at the developer's desktop. Finding problems here, at the earliest possible point, means less testing later on and fewer downstream impacts to cost and schedule. Klocwork puts static code analysis and continuous integration where you need it.

  • Introduction to Continuous Integration with Klocwork

    The adoption of Agile methods, DevOps, and continuous integration (CI) has taken the velocity of software development to unprecedented levels. Learn how you can use continuous integration within Klocwork to find and fix defects faster. 

  • Detecting Spectre Variant 1 Using Klocwork

    The Klocwork checker SPECTRE.VARIANT1 detects potential occurrences of Spectre variant 1 (CVE-2017-5753) in your code. In this video see how Klocwork static code analysis detects the vulnerability, including code walkthroughs of how the exploit and checker work.

  • 5 Tips for Transitioning from DevOps to DevSecOps

    Successfully transitioning from DevOps to DevSecops can be a difficult and time-consuming process. For that reason, our panel of experts weighs in on what considerations and practical

  • Shift-Left Static Code Analysis with CI and Containerization

    Join Eran Kinsbruner, DevOps Chief Evangelist and Senior Director at Perforce and Dzuy Tran, Senior Sales Engineer at Perforce for a discussion on how to quickly perform static code

  • How to Ensure Software Security with CERT C and C++

    A staggering estimated 82% of software security vulnerabilities are caused by undefined or unspecified behavior of the coding language. To detect these issues, it is vital that code is