Articles by Dr. Adam Kolawa

Building Security into Software with Security Policies & Static Analysis

Tue, 19 Feb 2008 16:15:00 EST

The common approach to securing applications is to try to identify and remove all of the application's security vulnerabilities at the end of the development process. However, this bug-finding approach is not only resource-intensive, it's largely ineffective. To have any chance of exposing all of the security vulnerabilities that may be nested throughout the application, the team would have to identify every single path through the application then rigorously test each and every one.

SOA Best Practices - Four Steps to Securing Your Web Services

Tue, 17 Apr 2007 16:30:00 EDT

Security has the inherent nature of spanning many different layers of a Web Services system. Web Services vulnerabilities can be present in the operating system, the network, the database, the Web server, the application server, the XML parser, the Web Services implementation stack, the application code, the XML firewall, the Web Service monitoring or management appliance, or just about any other component in your Web Services system.

SOA & Web Services - Is It Done Yet?

Tue, 17 Apr 2007 16:30:00 EDT

It's difficult to determine how much time to spend reviewing and testing your code before checking it in to the team's shared code base. On the one hand, you want to complete and check in code as rapidly as possible so you can meet deadlines and move on to developing new code or getting started on other projects. After all, you went into software development to develop, not to test.

OSS: A Tactical Plan for Building Applications

Mon, 22 May 2006 16:30:00 EDT

Open Source is the current rave of the software industry. It's making great progress because of Linux - an operating system that truly works. People are all a-bustle about Open Source and are beginning to look for an Open Source option appropriate to all their application needs. This raises questions: How can you take advantage of Open Source when you're building applications? Are there any dangers involved in using Open Source?

What Issues to Look Out For as You Move from Java to Web Services

Tue, 18 Apr 2006 15:00:00 EDT

The creation and popularity of Web Services are growing rapidly in every industry. With this continued growth, more and more programmers find themselves writing code that, even if it's not currently packaged as a Web Service, will eventually be exposed as one.

Choosing the Best Testing Tools to Increase Project Productivity

Tue, 27 Dec 2005 15:15:00 EST

The primary mission of information technology is to improve business processes and increase profits. Companies are constantly rethinking and struggling with how to use IT to a competitive advantage, reduce IT operating and maintenance costs, and reduce the total cost of ownership... all while attempting to deliver increased value.

Parasoft's Dr Adam Kolowa: "It's Time to Prevent Poorly-Written XML"

Sun, 23 Oct 2005 17:00:00 EDT

Since its inception XML has at times been seen as the cure-all for every problem related to Web applications and integration projects. However, poorly written XML can either slow down an integration project, or worse, cause the integration project to collapse.

Java Application Security in the Corporate World

Mon, 13 Jun 2005 10:00:00 EDT

The vast majority of corporate developers truly believe that application security is not their concern, assuming that network and engineering groups will build their environment in a secure way. But what about application security? Are you ready for the code audit?

Why Build Development Tools for Linux?

Mon, 27 Sep 2004 00:00:00 EDT

I was introduced to Linux in 1992, when the first version was available. At the time I was visiting Poland and my company was building an inventory control system. One of our partners had decided to use Linux to run their inventory system. What led them to use this little-known operating system for a critical task such as inventory control?

Saturday Essay: Why Outsourcing is a "Tremendous Opportunity" for US Economy

Sat, 04 Sep 2004 00:00:00 EDT

'When we hear about short-term job losses that result from outsourcing to India and China, we also need to consider the long-term benefits of these nations developing into prime markets for U.S. exports,' says Dr. Adam Kolawa, the co-founder and CEO of Parasoft. Outsourcing actually offers the U.S. 'a tremendous opportunity,' Kolawa maintains, using post-war Japan as an example from which he feels we could and should learn.

Bulletproof Web Services

Tue, 31 Aug 2004 00:00:00 EDT

Web services are gaining industry-wide acceptance and usage. They are moving from proof-of-concept deployments to actual usage in mission-critical enterprise applications. While Web services allow businesses to connect to partners and customers, the same flexibility and connectivity provide an increased opportunity for errors.

Strategies for Securing Java Code

Mon, 05 Apr 2004 00:00:00 EDT

Java security is an overwhelming issue. For a truly secure application, you need to prevent hackers from entering the system, and you need to ensure that code safeguards security if a hacker does break in. Moreover, there is no room for error. If you anticipate and prevent hundreds of security vulnerabilities but overlook just one, a hacker can still wreak havoc on your system.

Cleaning Up XML

Wed, 10 Mar 2004 00:00:00 EST

Garbage in, garbage out - it's an axiom that applies to many aspects of enterprise development, but none more so than building reliable and robust Web applications and integration projects with XML. Since its inception, XML has been seen as the cure-all for every problem related to Web application development.

Testing Web Services

Thu, 05 Feb 2004 00:00:00 EST

As more enterprises move toward an e-business strategy, the communication and integration of disparate, heterogeneous applications and systems is key. Businesses must be able to securely connect and communicate with customers and trading partners alike.

Automated Error Prevention for Linux

Mon, 22 Dec 2003 00:00:00 EST

Most organizations that use Linux as a business operating system are developing their own applications for Linux - perhaps in response to the current scarcity of packaged applications available on Linux. With so much internal development for Linux, it is critical that the IT groups building your Linux-based applications have a means to efficiently produce reliable code.

On Protecting U.S. IT Jobs

Mon, 24 Nov 2003 11:48:00 EST

As a closing thought, let's consider our jobs and how to protect them. There is a lot of instability in today's software industry, and the American sector is losing its competitive edge.

Automated Error Prevention

Wed, 23 Jul 2003 10:09:00 EDT

Software errors cause not only system functionality problems, but also delayed releases, budget overruns, decreased development team productivity, and blemished corporate reputations. Errors are especially serious when they occur in code built upon WebSphere, which is typically at the core of critical business systems.

Reducing the 80/20 Rule and Increasing Developer Productivity

Tue, 15 Apr 2003 00:00:00 EDT

The 80/20 Rule is a well-known rule of thumb within the software development community that simply states that developers spend 80% of their time debugging applications and 20% writing new code. This ratio, which would seem to some outside the software industry the very embodiment of bad productivity, is unique to the software development community. No other industry measures work performed versus the amount of error fixing that needs to take place.