In this Expert Insight, Harshil Parikh, CEO of Tromzo, reveals findings from the company’s recent State of Modern Application Security Report, a survey of 400 appsec professionals.
Amid all the “connected device” hoopla coming out of the Consumer Electronics Show (CES) this week, one of the most interesting announcements came from an unexpected corner: Wolfram Research, a maker of high-end software that is used in scientific research. On Monday, the company’s CEO, Stephen Wolfram, announced The Wolfram Connected Devices Project – an initiative that will comprise both a common catalog of connected devices and a common language to connect them. “Connected devices are central to our long-term strategy of injecting sophisticated computation and knowledge into everything,” Wolfram said. “With the Wolfram Language we now have a way to describe and compute about things in the world. Connected devices are what we need to measure and interface with those things.” Wolfram’s short-term goal is to begin cataloging IoT devices and making those devices ‘searchable’ via its Wolfram Alpha web portal – what the company describes as a ‘computational […]
Researchers at The University of Cambridge in the UK have created a Google-like search engine that can peer inside applications, analyzing their underlying code. The search tool, named “Rendezvous,” has applications for a number of problems. It could be used to help reverse engineer potentially malicious files, copyright enforcement or to find evidence of plagiarism within applications, according to a blog post by Ross Anderson, a Professor of Security Engineering at the Laboratory. Rendezvous was unveiled in a seminar on Tuesday by Wei Ming Khoo, a doctoral student in the Security Group working at the University of Cambridge’s Computer Laboratory. The engine, which can be accessed here, allows users to submit an unknown binary, which is decompiled, parsed and compared against a library of code harvested from open source projects across the Internet. Code reuse has become a pressing security issue. The application security firm Veracode has named reused […]