Software asset development provider LogicLibrary is looking to chew
through more enterprise bugs with the latest release of its Logiscan 2.0
software.
Formerly known as BugScan, the updated tool helps enterprises and
developers manage their platforms for service-oriented architectures.
Ralph Massaro, vice president and general manager of content products for
LogicLibrary, said the tool spans the application development lifecycle for
development teams, from initial requirements through design and development
to operations and deployment.
He said Logiscan analyzes binary
code for both in-house and commercial applications and patches, with the
ability to direct users to the location of the vulnerability within the
source code.
The goal is to deliver real-time information to developers so that
software is assured of quality before and during its development, rather
than after it is released.
“It’s integrated as a plug-in and it’s there as an IDE,”
said Massaro. Developers need a work environment that makes the quality-assurance process easier. “This saves a great deal of cost in deploying
secure code — and I think the industry is now evolving to the point where
they realize that this is the crux of many [security] problems, that last
mile” of application development.
Other features in Logiscan 2.0 include support for J2EE. The scan
process is especially keen on buffer overflows, SQL
injection and cross-site scripting issues in this regard.
The release also adds expanded reporting options that let
Logiscan users submit multiple binaries for analysis, with the results
compiled into aggregate and trend reports, and visualization of data with
AppExplorer, a rich-client, 3D interface that enables customers to see each
application from a higher level than where they sit.
The toolset is also touting tighter integration with Eclipse and Rational Application Developer (RAD).
What that means, Massaro added, is that Logiscan users can now directly
access and scan binaries for vulnerabilities from within the Eclipse and RAD
integrated development environments.
The company acquired
BugScan last September before renaming the product Logiscan and updating
the toolset.