Former cybersecurity czar: Code-checking tools needed

Software vendors need automated tools to detect bugs in software, said the former director of the DHS National Cybersecurity Division.

[Via Computerworld Security News]

"Creating software assurance tools was one long-term focus of the DHS National Cybersecurity Division during Amit Yoran's tenure there, Yoran said today during the E-Gov Institute Homeland Security and Information Assurance Conferences in Washington. About 95% of software bugs come from 19 "common, well-understood" programming mistakes, Yoran said, and his division pushed for automation tools that comb software code for those mistakes. "Today's developers ... often times don't have the academic discipline of software engineering and software development and training around what characteristics would create flaws in the program or lead to bugs," Yoran said. ..."