Secure Software Practices Resource Centre

Static Application
Software Test (SAST)

Learn how SAST is applied early in the lifecycle, lowering the cost of vulnerability rectification.

White Box Dynamic Application Software Test (DAST)

Learn how white box DAST analyses complement SAST and black box DAST techniques.

Secure Application Code Matters

There are so many factors that contribute to the security of a connected device that it would be easy to overlook the role of application code

Here's why it matters.

Hacking is indiscriminate, easy, cheap and lucrative for unscrupulous members of society. Read why that makes your application a target.

The security of any connected system depends on its “defence in depth.” A key element of that defence in depth lies in secure software development.

Learn more about defence in depth and secure applications, and the significance of endpoints in IoT security.

SSDLC: The Secure Software Development Lifecycle

Traditional practice for secure code verification is largely reactive. Code is first developed in accordance with relatively loose guidelines, and then tested to find potential vulnerabilities.

SSDLC offers a better, proactive approach to ensure that code is secure by design and implemented using a systematic development process.

SSDLC: A proactive approach to secure software development

Static analysis (SAST)

Dynamic analysis (DAST)

Requirements traceability

Pen testing

Secure Software Development For Automotive Applications

There are more connected cars than ever, and as arguably the biggest and most complicated of connected devices, vehicles are vulnerable.

Learn more of secure software development in the context of automotive security.

Leveraging automated tools to satisfy the demands of ISO 26262

SAE J3061 and ISO 26262?
They’re made for each other

Best advice on

Securing the IIoT

As with any IIoT network, if the security of an IIoT environment is poorly implemented, it can have a drastic impact on the security of an entire organisation.

Learn why secure software development is key to IIoT security.

Applying IEC 62443-4-1 to Industrial Automation Control Systems

IIRA and RAMI 4.0:
Securing the IIoT 

Safety-Related Control
System Software and ISO 13849:2015

Customer Stories

HCC Embedded

We chose the LDRA tool suite because it covers comprehensive static analysis and has very good dynamic analysis capabilities

Now technologies

LDRA rules has been invaluable to us. I would estimate that we have saved at least €200k by using the tool, which represents a very speedy return on investment for us

LDRA Is Here To Help

For more than 40 years, LDRA has developed and driven the market for software that automates code analysis and software testing for safety-, mission-, security-, and business-critical markets. Working with clients to achieve early error identification and elimination, and full compliance with industry standards, LDRA traces requirements through static and dynamic analysis to unit testing and verification for a wide variety of hardware and software platforms. Boasting a worldwide presence, LDRA has headquarters in the United Kingdom, United States, Germany, and India coupled with an extensive distributor network. For more information on the LDRA tool suite, please visit

Our Customers

ISO 9001 | TÜV Certification

The TÜV and ISO certificates each say something a little different about LDRA and its products. ISO 9001 certification demonstrates LDRA’s ability to consistently meet and exceed customer expectations. And TÜV approval of software test tools suggests something more specific about the capabilities of the products, and their capacity to meet the exacting demands of the world’s predominant functional safety standards.

LDRA © 2020. All Rights Reserved Privacy Policy Cookie Policy

et, consequat. Aliquam Sed libero. lectus non risus. mattis dolor.