Abstract: Embodiments include method, systems and computer program products for automatic detection of an incomplete static analysis security assessment. In some embodiments, a method includes obtaining component versioning data associated with a build of an application. The method further includes determining, using the component versioning data associated with the build of the application, that a static analysis security assessment configuration of the application is incomplete. The method further includes, responsive to determining that the static analysis security assessment configuration of the application is incomplete, generating metadata indicating that at least a portion of the build of the application has been changed from a previous build of the application.

Abstract: Embodiments include method, systems and computer program products for automatic detection of an incomplete static analysis security assessment. In some embodiments, a method includes obtaining component versioning data associated with a build of an application. The method further includes determining, using the component versioning data associated with the build of the application, that a static analysis security assessment configuration of the application is incomplete. The method further includes, responsive to determining that the static analysis security assessment configuration of the application is incomplete, generating metadata indicating that at least a portion of the build of the application has been changed from a previous build of the application.

Abstract: Embodiments include method, systems and computer program products for automatic detection of an incomplete static analysis security assessment. In some embodiments, a method includes obtaining component versioning data associated with a build of an application. The method further includes determining, using the component versioning data associated with the build of the application, that a static analysis security assessment configuration of the application is incomplete. The method further includes, responsive to determining that the static analysis security assessment configuration of the application is incomplete, generating metadata indicating that at least a portion of the build of the application has been changed from a previous build of the application.

Abstract: A computer-implemented method for security scanning application code includes executing, via a processor, a full scan of the application code and generating a program intermediate representation (IR) and a list of security findings determined by the full scan. The processor executes an incremental scan of the application code after at least one change to the application code, and identifies at least one changed file in the application code. The processor then generates an incremental intermediate representation (IR) based at least in part on the at least one changed file. The processor merges the saved scan state and the incremental IR, produces a merged scan state, and outputs security findings based at least in part on the merged scan state and the incremental IR.

Abstract: A method, system and computer-usable medium for generating a security analysis effort, cost and process scope estimates, comprising: analyzing a software system; identifying a complexity level of a security analysis, the complexity level of the security analysis comprising identification of an effort level for the security analysis; and, generating the security analysis effort estimate, the security analysis effort estimate comprising an estimate of an effort expenditure to perform a security analysis on the software system at the identified complexity level.

Abstract: A method, system and computer-usable medium for generating a security analysis effort, cost and process scope estimates, comprising: analyzing a software system; identifying a complexity level of a security analysis, the complexity level of the security analysis comprising identification of an effort level for the security analysis; and, generating the security analysis effort estimate, the security analysis effort estimate comprising an estimate of an effort expenditure to perform a security analysis on the software system at the identified complexity level.

Abstract: A method, system and computer-usable medium for generating a security analysis effort, cost and process scope estimates, comprising: analyzing a software system; identifying a complexity level of a security analysis, the complexity level of the security analysis comprising identification of an effort level for the security analysis; and, generating the security analysis effort estimate, the security analysis effort estimate comprising an estimate of an effort expenditure to perform a security analysis on the software system at the identified complexity level.

Abstract: Embodiments include method, systems and computer program products for automatic detection of an incomplete static analysis security assessment. In some embodiments, a method includes obtaining component versioning data associated with a build of an application. The method further includes determining, using the component versioning data associated with the build of the application, that a static analysis security assessment configuration of the application is incomplete. The method further includes, responsive to determining that the static analysis security assessment configuration of the application is incomplete, generating metadata indicating that at least a portion of the build of the application has been changed from a previous build of the application.

Abstract: Embodiments include method, systems and computer program products for automatic detection of an incomplete static analysis security assessment. In some embodiments, a method includes obtaining component versioning data associated with a build of an application. The method further includes determining, using the component versioning data associated with the build of the application, that a static analysis security assessment configuration of the application is incomplete. The method further includes, responsive to determining that the static analysis security assessment configuration of the application is incomplete, generating metadata indicating that at least a portion of the build of the application has been changed from a previous build of the application.

Abstract: A computer-implemented method for security scanning application code includes executing, via a processor, a full scan of the application code and generating a program intermediate representation (IR) and a list of security findings determined by the full scan. The processor executes an incremental scan of the application code after at least one change to the application code, and identifies at least one changed file in the application code. The processor then generates an incremental intermediate representation (IR) based at least in part on the at least one changed file. The processor merges the saved scan state and the incremental IR, produces a merged scan state, and outputs security findings based at least in part on the merged scan state and the incremental IR.

Abstract: A method, system and computer-usable medium for generating a security analysis effort, cost and process scope estimates, comprising: analyzing a software system; identifying a complexity level of a security analysis, the complexity level of the security analysis comprising identification of an effort level for the security analysis; and, generating the security analysis effort estimate, the security analysis effort estimate comprising an estimate of an effort expenditure to perform a security analysis on the software system at the identified complexity level.

Abstract: Embodiments of the present invention address deficiencies of the art in respect to source code debugging and provide a method, system and computer program product for debug tours for debugging source code. In an embodiment of the invention, a debugger data processing system can be provided. The system can include a debugger executing in a host computing platform, and a debug tour manager coupled to the debugger. The debug tour manager can include program code enabled to load a debug tour of an ordered set of breakpoints established during a prior debugging session of source code, to apply the breakpoints in the debug tour to separately loaded source code, and to execute the source code and to invoke the applied breakpoints in an order prescribed by the ordered set within the debugger.

Abstract: A dynamic generic framework for distributed tooling comprising a system for creating, storing and manipulating objects, which includes a datastore, a user interface and tools. In a distributed or client-server environment, a virtual datastore is created on the client, through which updates to the user interface and commands to the tools are routed. Commands and updates are transmitted asynchronously through handlers. The objects in the datastore are all of the same kind and have a predetermined generic or uniform attribute set. The schema is comprised of schema objects in the datastore which schema objects are dynamically created by the tools. The user interface perceives and comprehends the schema and utilizes the schema to identify and display objects in the datastore, the relationships therebetween, and the commands that can be executed thereon.

Abstract: A system and method for parsing source code written in a high-level programming language at multiple levels may be performed to populate a tree data structure. To obtain information at lower levels, higher levels are parsed. Each level of parsing is performed as a separate stage with the results of higher levels being used to feed parsing at lower levels. The system and method of the present invention provide for parsing at a requested level, not parsing to a lower level than requested.

Abstract: Plotting numerical data is provided. A root object is selected and a user is presented with at least one filter for selection, where each filter describes at least one of a type of objects and a type of relationships between objects, each type of objects and each type of relationships between objects being defined by a schema. A set of objects is selected based on user-selected filters. Each object of the set is related to the root object either directly, or through a chain of intermediate objects, where each chain of intermediate objects has the same length and all objects at a given level of each chain have a relationship with a parent object which is identical. Each object of the set also contains numerical data having a format suitable for a mathematical analysis. The mathematical analysis of the numerical data is arranged and a result of which is plotted in a graph.

Abstract: A system and method for parsing source code written in a high-level programming language at multiple levels may be performed to populate a tree data structure. To obtain information at lower levels, higher levels are be parsed. Each level of parsing is performed as a separate stage with the results of higher levels being used to feed parsing at lower levels. The system and method of the present invention provide for parsing at a requested level, not parsing to a lower level than requested.

Abstract: A dynamic generic framework for distributed tooling comprising a system for creating, storing and manipulating objects, which includes a datastore, a user interface and tools. In a distributed or client-server environment, a virtual datastore is created on the client, through which updates to the user interface and commands to the tools are routed. Commands and updates are transmitted asynchronously through handlers. The objects in the datastore are all of the same kind and have a predetermined generic or uniform attribute set. The schema is comprised of schema objects in the datastore which schema objects are dynamically created by the tools. The user interface perceives and comprehends the schema and utilizes the schema to identify and display objects in the datastore, the relationships therebetween, and the commands that can be executed thereon.