Security
cancel

How Spell Check and AppSec Testing’s Worlds Have Collided

How Spell Check and AppSec Testing’s Worlds Have Collided

Micro Focus Frequent Contributor

For some reason, there have always been certain words that I’ve always had trouble spelling. I remember dreading the moment at the end of writing a paper for school when I would have to hit that “Check Spelling” button. Having to sit there and hit the Ignore or Replace button over and over was such a daunting task. The worst part was when it would let you know you spelled the word wrong, but you spelled it SO wrong, it had no idea what you were attempting to spell and had no suggestions for you. In those moments, it was that cruel game of trying to re-spell the word over and over again until you were at least in the same ballpark to get a suggestion. This of course, was before word processors put that magical squiggly red line under words you’ve spelled wrong as you typed them. 

How Spell Check and AppSec Testing’s Worlds Have Collided2.jpgThe moment word processors added that feature, my writing world changed for two reasons. First, it gave me a chance to fix my errors as I went, which felt like a significant time saver from waiting until the very end. But the biggest reason for me, was the interesting side effect it created. By seeing that I spelled a word wrong as I typed it, spelling was brought to the top of my mind. When I could see in real time that I spelled a certain word wrong a few times in a row, I started to learn how to spell the word easier. Not only that, but I noticed I made less spelling errors all together since I was always conscious of it due to the immediate feedback my word processor was giving me. 

The same way this added feature changed spelling for me, Fortify Security Assistant is changing application security for developers. Fortify Security Assistant empowers developers to take responsibility for their own code by finding and fixing application security defects during the coding process—eliminating potential security vulnerabilities before the code is even compiled. This solution sits on the developer’s IDE and allows them to get immediate security feedback continuously as code is developed. Security Assistant provides instantaneous feedback, so developers can take quick, decisive action to fix vulnerabilities in real time. It highlights vulnerable code, just like Spell Check did for me and offers suggestions for correcting it. Spell Check1.png

Spell check 2.png

Similar to the added benefits Spell Check had on me, Fortify Security Assistant not only brings security into the mind of a developer, but it also teaches them over time. And if that wasn’t enough of a benefit, by limiting the number of vulnerabilities in the code, the Static scans become faster as well. This allows developers to keep up with the growing demand for faster releases, while knowing the code they write is secure. 

To learn more about Fortify Security Assistant, be sure to watch these three fantastic videos from the Fortify Unplugged Youtube Channel.
Use Fortify Security Assistant in the IDE
Security Testing for Developers
Visual Studio – Real-Time Security with Security Assistant

0 Kudos