LDRA Elevates Its DevSecOps-Ready Platform with Actionable Security Analysis & Reporting

New security-first capabilities—including extended taint analysis and vulnerability heat maps —help embedded developers remediate critical issues earlier in the lifecycle.

LDRA announced the availability of four new security-first capabilities in the LDRA tool suite: security vulnerability reports, security audits, security reviews, and taint analysis. Each capability digs deep into identifying and remediating critical security vulnerabilities that impact today’s complex and connected embedded software applications. Unlike other software verification, traceability, and standards compliance tools, the LDRA tool suite simplifies analysis results using accessible user-experience techniques to help developers understand the results and integrate them into their DevSecOps processes.

New security-first capabilities—including extended taint analysis and vulnerability heat maps —help embedded developers remediate critically issues earlier in the lifecycle.

“Security vulnerabilities in mission-critical systems are just waiting to be exploited, but LDRA can help developers identify and remediate them before release,” said Ian Hennell, Operations Director, LDRA. “The latest features in the LDRA tool suite abstract away much of the noise and complexity of traditional analysis tools to give developers clear, understandable results. Spending less time on “analysis paralysis” enables embedded software teams to focus on early vulnerability remediation and faster compliance.”

Early vulnerability detection, easy-to-understand results

Understanding and prioritizing analysis results consumes more time and skills than development teams can afford, often leading to shortcuts that may compromise the security of embedded systems. The new capabilities of the LDRA tool suite improve analysis effectiveness and reduce developers’ workloads for critical systems in aerospace, defense, automotive, industrial controls, and medical devices.

Combining security vulnerability reports, security audits, security reviews, and taint analysis gives embedded software teams powerful ways to identify vulnerabilities earlier in the lifecycle and support DevSecOps practices.

“LDRA has always been at the forefront of advanced analysis tools that ease developers’ workloads,” Hennell added. “The latest capabilities of the LDRA tool suite refine our approaches to analysis effectiveness and usability to help enterprise organizations improve their secure software development processes without additional overhead.”