Parasoft: Leader in Service Virtualization

Download voke Research's Market Mover Array Report to learn why Parasoft was named the Lifecycle Virtualization leader.

Parasoft: Leader in Test Automation

Learn why Parasoft received the highest score for API testing and test automation in “The Forrester WAVE: Modern Application Functional Test Auto...

Continuous Testing

Learn how Continuous Testing provides a real-time, objective assessment of the business risks associated with an application under development.
  • Type

  • Topic

  • Product

  • Technology

Parasoft Resource Center

Bulletproofing Your APIs

Learn how Parasoft SOAtest, now integrated with service virtualization and security penetration testing, offers an extensive, easy to use, and affordable approach to validating the security of your APIs.

Forrester: Parasoft the Leader in Functional Test Automation

Learn why Parasoft received the highest score for API testing and test automation with the “strongest continuous testing product offering” in this complimentary copy of “The Forrester WAVE: Modern Application Functional Test Automation Tools, Q4 2016.”

Driving Risks out of Embedded Automotive Software

Automobiles are becoming the ultimate mobile computer and as such, there is unprecedented need to manage the risks of failure— protecting life and property, avoiding costly recalls, and reducing the risk of ruinous lawsuits. This on demand webinar covers five practical techniques for driving the risks out of embedded automotive software.

Is “IoT Security” a Contradiction in Terms?

by Arthur Hicken (Chief Evangelist)

The IoT is creating security risks at a faster rate than it’s fixing them…exposing us to direct control of devices to lost of personal private data to actual control of the networks and computers in our homes and offices.

Continuous Testing for IT Leaders eBook

by Wayne Ariola (Chief Strategy Officer), Cynthia Dunlop (Lead Technical Writer)

Continuous Testing provides a real-time, objective assessment of the business risks associated with an application under development. Learn how in this 70-page eBook.

Ensuring Quality and Security in Your Automotive Infotainment Systems

With dozens of microprocessors and multiple networks and busses, modern connected cars are the ultimate mobile computers. Learn the risks posed by in-vehicle systems, how to assess that risk to your business, and the applicable tools and techniques for ensuring the quality and safety of infotainment systems.

Managing the Risk in Your Automotive Software Supply Chain

The automobile industry relies on a vast, sprawling supply chain to create the hardware and software that goes into each vehicle. Learn how to manage the risk in your automotive software supply chain and ensure the quality, safety and security of downstream components.

7-Point Plan for Securing Automotive Software

Our automotive software and security experts team up to discuss how to improve embedded software security in the automotive environment. Topics covered include MISRA and ISO 26262 compliance, problem resolution, issue priority and impact management, and more.

Why Appsec Vulnerabilities Are Dismissed as “Theoretical” or “False”

by Arthur Hicken (Chief Evangelist)

Why do software engineers and others engaged in appsec marginalize the findings from their security tools?

Stopping Software Security Slashers

In this on-demand webinar, our static analysis expert discusses how to ensure the security of your applications from Stagefright, Heartbleed, and other grisly-sounding software defects by leveraging standards to evolve development policies from static analysis findings.

BUSTED! How to Find Security Bugs Fast!

In this on-demand webinar, we’ll discuss how busting software bugs does more than ensure the reliability and performance of your software—it helps ensure application security.

Forrester: Parasoft the Leader in Test Automation

Learn why Parasoft received the highest score for API testing and test automation in this complimentary copy of “The Forrester WAVE: Modern Application Functional Test Automation Tools, Q2 2015.”

How to Avoid Security Vulnerabilities with Static Analysis

This Power Hour Webinar explores how to implement static analysis as a mechanism for preventing defects. You’ll learn how to leverage security standards (OWASP, PCI DSS, & CWE) and evolve development policies from static analysis findings.

Closing the Barn Door on Software Security

by Arthur Hicken (Chief Evangelist)

Why do we have such vulnerable software today and what can we do about it? The focus is on software security, rather than network or physical. They’re just as important, but we seem to be doing a better job there than in the code itself.

Application Security Solution SWAMP Data Sheet

Learn how Parasoft’s Application Security solution establishes a continuous process that ensures that security verification and remediation tasks are deployed across every stage of the SDLC.

Establishing a Continuous Process for PCI DSS Compliance

Details how Parasoft reduces the time and cost of PCI DSS compliance.

Your Guide Through the SWAMP: Avoiding Predators in a Murky World

In this on-demand webinar, Parasoft and the SWAMP discuss strategies for driving software assurance within your organization. Learn how to add a few processes to your software build in order to make it more secure.

API Testing Helps MedicAlert Increase Agility, Extend Services

by Wayne Ariola (Chief Strategy Officer), Cynthia Dunlop (Lead Technical Writer)

Learn how Medicalert automated the functional, security, and performance testing for new APIs – enabling them to become an increasingly agile and valued provider of new healthcare information services.

[Infographic] API Integrity: How Buggy Are Today’s APIs?

by Wayne Ariola (Chief Strategy Officer), Cynthia Dunlop (Lead Technical Writer)

This infographic highlights some interesting findings from Parasoft’s research on API Integrity.

API Adoption is a Matter of Trust

This session from the API Strategy & Practice Conference explores how software failures can impact brands, the importance of API Integrity, and why software testing environments need to be improved.

Security Has Landed in the World of Embedded Software Testing

by Jason Schadewald (Product Manager)

Security has finally landed as a hot topic in the world of embedded devices. Two key themes from last week’s Design West conference: a) security is everyone’s job and 2) build security in.

Exposing Your APIs = Opening Your Home to Bears?

by Wayne Ariola (Chief Strategy Officer), Cynthia Dunlop (Lead Technical Writer)

Exposing an API to your application is as risky as installing a doggie door into your house—as a recent incident with a bear aptly illustrates.

Cloudy with a Chance of Cyber Attacks

Learn about 1) New cloud service technologies that have made software infrastructure more vulnerable. 2) The exorbitant costs of failing to meet security standards. 3) The most effective development testing solution for improving application security.

What’s Needed for API Integrity

Learn about the top challenges associated with ensuring API integrity in this on-demand webinar. It covers strategies and best practices for reducing the risks associated with each challenge.

Java Application Security eKit

In this Java Development Security eKit, you’ll gain insight on how to reduce risks of cyber attacks, such as DDoS and SQL injections.

Achieving Java Application Security with Parasoft Jtest

by Marek Kucharski (President Parasoft SA, VP of Dev), Arthur Hicken (Evangelist), Adam Trujillo (Technical Writer)

Organizations taking to the cloud must be wary distributed denial-of-service attacks (DDOS) and SQL injections (SQLi) and other cyber-attacks. In this paper, you’ll learn how to build security into your Java application.

4 Software Quality Predictions for 2012

by Arthur Hicken (Evangelist), Cynthia Dunlop (Lead Technical Writer)

Read Arthur Hicken’s predictions re: SQL injection, cloud quality, component testing, Kindle Fire caching testing.

Input Validation: Immunity Against Web Attacks

by Arthur Hicken (Evangelist), Cynthia Dunlop (Lead Technical Writer)

Explains how to prevent injection attacks by using input validation and static analysis to build security into your application.

Foundations of Secure Application Development

by Arthur Hicken (Evangelist), Cynthia Dunlop (Lead Technical Writer)

Explains why approaching security as a bug-finding exercise is risky and inefficient, and then explains how to make your web sites immune to attacks including the SQL injections, Lizamoon mass injections & mesh injections.

Parasoft Secure Application Development Solution Sheet

This solution sheet introduces Parasoft’s Secure Application Development solution, which establishes a continuous process that ensures security verification and remediation tasks are not only deployed across every stage of the SDLC, but also ingrained into the team’s workflow.

Success with Static Analysis for Security: Why Code Audits Fail

Parasoft White Paper

Explains why and how to apply static analysis tools in the context of a policy-based security process that not only prevents security vulnerabilities, but also focuses on SDLC productivity.

Cisco Static Analysis Case Study

To comply with corporate quality and security initiatives, Cisco Systems adopted static analysis, unit testing and code review. Learn how they automated these practices and seamlessly integrated them into their existing processes to deliver compliant code without impeding productivity.

MedicAlert API Testing Case Study

MedicAlert needed to more rapidly deliver new services in a secure and effective fashion. Learn how they established a process for managing the functional, security, and performance testing challenges associated with their new capabilities and offerings.

Security Code Audits: One Size Does Not Fit All

Software Test & Performance

Introduces best practices for applying security static analysis, data flow analysis, penetration testing, and workflow optimization to bake security into the application development process.

Static Analysis, Security Failure

Software Test & Performance

Discusses why a policy-based approach is the secret to success with static analysis.

Rethinking Application Security


For developers to work effectively in a security-conscious environment, addressing security-related coding issues must be integrated in developers’ daily workflow.

Building Security into Software with Security Policies & Static Analysis

Java Developer's Journal

Discusses why the most effective security efforts define a policy that details security requirements, then use static analysis to verify that the policy is implemented in the code.

SOA Best Practices – Four Steps to Securing Your Web Services

SOA World Magazine

Details practices for ensuring Web service security throughout the SDLC.

Security As A Requirements Issue

SD Times

Argues that security is really a requirements issue.

Making Sense of WS-Policy and SAML

Answers the question “”If I want to learn about WS-Policy and SAML, where should I start looking?””

Understanding XPath Injection


Answers the question “Can you please explain what an XPath injection is?”

Prevent Application Logic Attacks with Sound App Security Practices

Discusses the rise in attacks on application logic and strategies for preventing them.

How Does WS-Security Relate to Other WS- Standards?


Answers the question “How can you relate WS-Security, WS-Trust, WS-Policy, WS-SecurePolicy and WS-Reliability to one another?”

Distinguishing a Faked XMLHTTP Request from a Real One

Answers the question “How can one make sure an Ajax-enabled Web application is able to tell the difference between a real and a faked XMLHTTP request?”

How to Create Secure Web Applications with Struts

Java Developer's Journal

Focuses on developing secure Web applications with the popular Java framework Struts.

The Importance of WS-Security


Answers the question “What is WS-Security? Why can’t I just use SSL?”

XML Security: Preventing XML Bombs


Answers the question “What is an XML bomb and how do I protect my Web service against it?”

Why are Web Services More Vulnerable than Web Apps?


Answers the question “”Why are Web services potentially more vulnerable to security problems compared to traditional Web applications?””

Hold the Line Against Application Attacks

Software Test & Performance

Application attacks are responsible for a great majority of today’s cyber assaults. Application security testing is crucial to defeating digital foes.

Securing Web Services

Information Systems Security

Examines the threats to web applications and services, then outlines a strategy for preventing them.

Reducing Software Security Vulnerabilities through Unit Testing

Military & Aerospace Electronics

Explains how best practices like unit testing and coverage analysis can help prevent buffer overflow security vulnerabilities.

Java Application Security in the Corporate World

Java Developer's Journal

Most developers truly believe that application security is not their concern… but are you ready for the code audit?

Banish Security Blunders with an Error-prevention Process


Traditionally, application security is an afterthought; we build our apps and try to poke holes in them later. Why not take potential security breaches into account from the very beginning? The Automated Error Prevention Methodology provides a framework you can use to integrate security concerns into your app development right from the start.

Minimizing Weaknesses in TLS


Explains how by recognizing TLS’s weaknesses and considering alternatives such as message layer security, you can ensure that you are implementing the best possible security scheme for your specific needs.

Preventing Web Service Security Breaches with Unit Testing

One effective way for development teams to prevent unexpected inputs is to perform thorough “”white-box”” testing at the unit level.

Security Issues with SOAP

Crosstalk Journal

Some of the very features that make SOAP attractive, such as its flexibility and its compatibility with HTTP, also provide opportunities for security breaches. This article discusses SOAP security issues and how they can be addressed.

Page 1 of 1