Research

CoverosLabsInventing the Future of Software

Most people dream about the future.  At Coveros, we are inventing it.  Coveros Labs is a cutting-edge software research organization that explores the outer edges of technology advancement to invent and implement next-generation tools and techniques for building secure software.  The results of our lab are published for all to use and integrated into our software development process for our customers’ benefit.

 

Our Research Efforts Include:

  • Malicious Code Detection

    Our malicious code detection project is working to identify malicious members of a software development team who are seeking to place malicious code into the software they create. Our approach analyzes information gathered on the software development process itself to identify anomalous behavior that may point to malicious intent. This effort is sponsored by the Defense Advanced Research Projects Agency (DARPA).

  • Secure Agile Development
    There are many who believe that secure software cannot be built with an agile process. We disagree and have significant experience doing just that for a variety of customers. This research effort seeks more effective methods for building secure software within an agile development process. Techniques for integrating security into specifications, designs, code, and tests are being developed.
  • Secure Continuous Integration
    One effective way to assure that security is built into software from the ground up is to integrate security scanning and testing tools into your continuous integration and deployment process.  This allows security analysis to be at least partially automated and incorporated into project and product dashboards.  This research effort explores effective mechanisms for performing security analysis within continuous integration.  It has culminated in the release of SecureCI, the world’s first open source continuous integration environment that incorporates security analysis.  Learn More