8/16/2004 - Reasoning Inc., a leading provider of automated software inspection services, announced that Sharp Labs of America is utilizing Reasoning’s Security Inspection Service to identify critical vulnerabilities in legacy and newly developed software code. Part of Sharp Corporation's global research and development network, Sharp Labs is leveraging Reasoning’s application level code inspection technology to significantly reduce security vulnerabilities and software reliability defects, while achieving dramatic cost and time savings.
According to Gartner, a software defect left unfixed until late in the development cycle costs 80 to 1,000 times more to fix than it would if it was dealt with earlier. By incorporating code inspections early in the software development cycle and at critical intervals in the development process, companies can significantly cut the cost of finding defects, reduce downtime, and improve overall software quality.
One of Sharp Labs’ strategic objectives is to ensure the quality of its software code at the application level. As developers of embedded software for Multi-Function Peripherals (MFPs), the Digital Imaging Systems Department of Sharp Labs has a global network of software development teams geographically situated throughout America and a team in Bangalore, India. After unsuccessfully using several code scanning and dynamic testing tools, Sharp Labs came to Reasoning in the fall of 2003. The company sought to utilize Reasoning’s outsourced Reliability Service to inspect its software for any defects and to ensure the highest code quality across its global network of developers.
When Sharp Labs set out to improve the security of their software, a search of the market identified that no automated software security inspection services or tools for C and C++ code were readily available.
Reasoning approached Sharp Labs with an invitation to join its early access program for Reasoning’s new Security Inspection Service, which was made available in March. Reasoning’s Security Inspection Service leverages Reasoning’s 20-year track record in software defect detection to help C and C++ development organizations find and fix root-cause security vulnerabilities that are the leading target of hackers. Reasoning’s security vulnerability service seeks, locates and reports on buffer overflows, tainted data, race conditions, as well as an additional category identified by Reasoning called risky operations.
Upon completion of Sharp Labs’ security inspection, Reasoning was able to identify vulnerabilities deemed to be significant by the company. Sharp Labs took a further step by having Reasoning inspect newly developed code that had not yet gone through a test cycle. The inspection enhanced Sharp’s testing by providing the company with a comprehensive report that outlined security vulnerabilities that developers were then able to quickly fix, saving valuable time and money in the development and testing cycles.
“With Reasoning, it could not be easier. Our developers simply send over the encrypted code on a secure system. In a single week’s time, results come back by way of detailed reports that identify individual security vulnerabilities, their preconditions, their exact location, and how to fix them. Using Reasoning’s services, our developers were able to continue working on projects and then, upon receipt of the vulnerability reports, immediately fix the specific lines of code containing the security vulnerabilities,” stated Mary Bourret, Senior Manager, Digital Imaging Systems Department at Sharp Labs of America. “The precision of these reports served as a catalyst for us to make changes in our developer’s coding handbook and code inspection guidelines to address the root cause of these problems.”
Stated Bill Payne, Reasoning’s President and CEO, “We’re delighted that Reasoning has a solution available today that can help our customers find and fix security and software vulnerabilities immediately. We are also thrilled that Sharp Labs found Reasoning’s inspection services valuable in identifying and resolving critical security vulnerabilities and software defects. We commend their proactive efforts at focusing on quality and security as software is being developed, rather than after it is deployed. Sharp Labs took measures that only serve to reinforce the security and quality of their products. Their actions also demonstrate the company’s commitment to providing the best possible products to their customers.”
Application Level Inspection Gaining Traction
A recent report by Gartner Group recommends that enterprises should require the use of vulnerability testing tools throughout the application lifecycle. By doing so, enterprises can avoid downtime costs caused by successful attacks and reduce overall system development costs by removing security vulnerabilities. According to Theresa Lanowitz, research director at Gartner Inc., “The idea of applying security at the application development level is still nascent, but is gaining in popularity.”
Reasoning’s inspection services helps companies find security vulnerabilities and reliability defects that have been missed by other alternatives. Reasoning’s service achieves 100% code coverage and provides actionable information, including the exact location and root-cause of the vulnerabilities and defects, making it easy for developers to immediately resolve flaws. Reasoning’s Security Inspection Service and Reliability Service are delivered on an outsourced basis, enabling customers to avoid undertaking expensive and time-consuming test case creation and validation. In addition, they do not have to spend additional resources to train staff on using yet another tool, nor do they have to hassle with associated software maintenance and version control burdens. Reasoning's inspection results are delivered in less than 10 business days, allowing development and IT departments to shield in-house resources from any project disruptions.
About Sharp Labs
Sharp Labs of America is part of Sharp Corporation's global research and development network. The Sharp Labs campus in Camas, Washington, is one of several Sharp offices across the country. Sharp Labs utilizes the integral resources of affiliated offices and facilities in Huntington Beach, California; Vienna, Virginia. As a corporate research lab, Sharp Labs has become a leader in the industry by foreseeing trends and creating advanced technologies in areas such as flat panel displays, consumer electronics and digital information technology.
About Reasoning Inc.
Reasoning Inc. is the leading provider of automated software inspection services that help development organizations reduce the time and cost involved in finding software defects and security vulnerabilities. The company's business is focused on organizations that develop Java, C, and C++ applications. Reasoning is based in Mountain View, CA. For more information, interested parties can contact Reasoning at 650-316-4400 or at www.reasoning.com
Previous Page | News by Category | News Search
If you found this page useful, bookmark and share it on: