RealTime IT News

LogicLibrary Ups Devs' Real-Time QA

Software asset development provider LogicLibrary is looking to chew through more enterprise bugs with the latest release of its Logiscan 2.0 software.

Formerly known as BugScan, the updated tool helps enterprises and developers manage their platforms for service-oriented architectures.

Ralph Massaro, vice president and general manager of content products for LogicLibrary, said the tool spans the application development lifecycle for development teams, from initial requirements through design and development to operations and deployment.

He said Logiscan analyzes binary code for both in-house and commercial applications and patches, with the ability to direct users to the location of the vulnerability within the source code.

The goal is to deliver real-time information to developers so that software is assured of quality before and during its development, rather than after it is released.

"It's integrated as a plug-in and it's there as an IDE ," said Massaro. Developers need a work environment that makes the quality-assurance process easier. "This saves a great deal of cost in deploying secure code -- and I think the industry is now evolving to the point where they realize that this is the crux of many [security] problems, that last mile" of application development.

Other features in the Logiscan 2.0 features include support for J2EE , MIPS and SPARC binaries that build on existing Intel x86 support. The scan process is especially keen on buffer overflows, SQL injection and cross-scripting issues in this regard.

Other features in the release include expanded reporting options that let Logiscan users submit multiple binaries for analysis, which are then generated into aggregate and trend reports; visualization of data with AppExplorer, a rich-client, 3D interface that enables customers to see each application from a higher level than where they sit.

The toolset is also touting tighter integration with Eclipse and Rational Application Developer (RAD).

What that means, Massaro added, is that Logiscan users can now directly access and scan binaries for vulnerabilities from within the Eclipse and RAD integrated development environments.

The company acquired BugScan last September before renaming the product Logiscan and updating the toolset.