View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
December 10, 2006

Establish Java Open Source Bug forum launched

Fortify Software, which is used as a sort of gauntlet for vetting web app security holes, is teaming with FindBug to open a public clearinghouse for identifying bugs in open source Java software.

By CBR Staff Writer

The site, called the Java Open Source forum, pools results from FindBug’s and Fortify’s tools. Both look for different types of vulnerabilities. While Fortify conducts static analyses to look for security problems, the FindBug tool identifies more mundane defects such as use of an incorrect operator or invoking of a method incorrectly.

The FindBug tooling would be typically used before running code through a more dynamic debugging tool. It originated from grad student research project at the University of Maryland.

The goal is providing a clearinghouse that will help speed up open source software development and provide a seal of assurance to users of open source software.

The site won’t be a free for all. Fortify and FindBug will focus on choosing high impact open source Java projects. For now there won’t be any formal criteria, but that may develop over time. The site will publish results on the number of bugs and provide links to the maintainers, but will restrict disclosure of the bugs themselves to the originators of the code.

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.