The security threat posed by insiders is often underestimated. According to an IBM study, 32% of attackers are insiders and 24% are “inadvertent actors” (e.g. people making mistakes that lead to a system breach or incorrect behavior.) One such class of insider attack is malicious code added during development that allows for future exploitation. Advanced static analysis tools can detect these within source and binary code before they get shipped to customers. In addition to existing detection for security vulnerabilities, this paper also talks about specific security vulnerability checks to detect certain insider attacks.
Other content on this topic
Protection against Spectre attacks added to GrammaTech’s Cyber Hardening Services for Intel and AMD processors.
Office of Naval Research awards GrammaTech $9M for Cyber-Hardening Security Research
GrammaTech awarded a $9M, three-year contract from the Office of Naval Research to perform R&D on cutting-edge cybersecurity techniques for modernizing legacy software.
Reducing Risk and Costs of DO-178B and DO-178C Certification with Static Analysis
INTRODUCTION: DO-178C – “Software Considerations in Airborne Systems and Equipment Certification” – provides production guidelines for software that is to be used in airborne systems,...
NASA Awards GrammaTech Contract for Eclipse Specification Editing and Discovery Tool for C/C++
ITHACA, NY...
AFRL Awards $13M Software Security Contract to GrammaTech
Subcontractors Raytheon Company, the University of Virginia, and Georgia...
GrammaTech Awarded Air Force Contract
GrammaTech, Inc. today announced that it has been awarded a new SBIR Phase I...
GrammaTech Awarded NASA Contract for Advanced Static Analysis Technology
ITHACA, NY — GrammaTech, Inc., a leading provider of source-code analysis tools, today announced that it has been awarded an...
GrammaTech Awarded AFRL/OSD Research Grant to Investigate Defenses Against Reverse Engineering
Ithaca, NY — GrammaTech, Inc. announced today that it has been awarded a Small Business Innovative Research (SBIR) research contract by the Air...
GrammaTech Awarded Air Force Research Grant to Develop Source-Code Analyzer that Detects Buffer-Overrun Vulnerabilities
Ithaca, NY — GrammaTech, Inc. announced today that it has been awarded a $749,979 Small Business Innovative Research (SBIR) Program Phase II grant...
GrammaTech Awarded Missile Defense Agency (MDA) Research Contract to Develop Toolset for Maintaining Legacy Ada Code
Ithaca, NY — GrammaTech, Inc. announced today that it has been awarded a $70,000 Small Business Innovative Research (SBIR) Phase I contract by the Missile...
GrammaTech Awarded Air Force Research Contract to Develop Techniques for Detecting Security Vulnerabilities
Ithaca, NY — GrammaTech, Inc. announced today that it has been awarded a $99,981 Small Business Innovative Research (SBIR) Phase I contract by the Air Force...
GrammaTech Awarded Air Force Phase II SBIR Research Contract to Develop Techniques for Detecting Malicious Code in Firmware
Ithaca, NY — GrammaTech, Inc. announced today that it has been awarded a two-year $749,972 Small Business Innovative Research (SBIR) Phase II contract by the Air...
GrammaTech Awarded NASA Contract to Develop Incremental Code Migration Techniques
Ithaca, NY — GrammaTech, Inc. announced today that it has been awarded a $69,897 Small Business Innovative Research (SBIR) Phase I contract by the National Aeronautics and Space...
GrammaTech Awarded NASA Contract for Advanced Automatic Differentiation
Ithaca, NY — GrammaTech, Inc. announced today that it has been awarded a $69,941 Small Business Innovative Research (SBIR) Phase I contract by the National Aeronautics and Space...
GrammaTech Awarded Air Force Research Contract to Develop Techniques for Detecting Malicious Code in Firmware
Ithaca, NY – GrammaTech, Inc. announced today that it has been awarded a $99,985 Small Business Innovative Research (SBIR) Phase I contract by the Air Force Research Laboratory (AFRL) Information...