![]() ![]() (6) Create a report with a list of risks and share with codebase maintainers (5) Identify risks and flaws and use the Graphical User Interface to find the cause precisely (3) Use a fuzzer to generate thousands of scenarios (2) Identify and access dependency codes, download and compile ![]() (1) Access the code on GitHub, download and compile Fabien, who has comprehensive experience working with code analysis, chose to apply TrustInSoft’s usual approach and proceeded step by step. The tool allows deep inspection of hundreds of protocols and, as such, is the de-facto standard across many commercial and non-profit enterprises, government agencies, and educational institutions.įabien, one of TrustInSoft’s software engineers, was put in charge of this analysis. It analyzes network protocols by looking at packet captures, which function like pictures taken of the network activity at particular moments in time. Wireshark is the most widely used network protocol analyzer and IP packet sniffer. To see TrustInSoft Analyzer in action, they asked us to run the code of Wireshark through our code analyzer to demonstrate its ability to provide the strongest possible guarantee that some precise parts of Wireshark do not contain any bug that can lead to severe security issues. Quality and security standards are immensely important to Naval Group because of their very critical and sensitive activities, and although Wireshark is not used in production, it can be used in a testing environment. So we jumped at the chance when coincidently, Naval Group, one of the most significant industrial companies of the naval defense sector worldwide, asked us to evaluate one of the most popular open-source software programs, Wireshark. Its kernel is open-sourced: using it TrustInSoft has long contributed to open-source by analyzing the security of the source code of various open-source projects such as OpenSSL, SQLite, and ntpd, to name a few.Īs you can see, TrustInSoft often considers how to leverage its expertise to make open-source programs even more secure. Our product, TrustInSoft Analyzer, is a recognized expert for software code verification through formal methods analysis and is used in a wide range of critical industries to ensure the security of C and C++ code. Here at TrustInSoft, we are also big fans of open-source software. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |