The security threat posed by insiders is often underestimated. According to an IBM study, 32% of attackers are insiders and 24% are “inadvertent actors” (e.g. people making mistakes that lead to a system breach or incorrect behavior.) One such class of insider attack is malicious code added during development that allows for future exploitation. Advanced static analysis tools can detect these within source and binary code before they get shipped to customers. In addition to existing detection for security vulnerabilities, this paper also talks about specific security vulnerability checks to detect certain insider attacks.
Most Recent Flipbooks
Reducing Open Source Risk Throughout the Development, Delivery and Deployment of Software
Using Static Analysis for Overlapping Safety and Security Requirements for Medical Devices
