© 2023 Hashnode
#sast
In recent years, container technology has gained immense popularity in the software development world, revolutionizing the way applications are built and deployed. Containers, which are lightweight and easily portable, enable developers to …
Previously on... In my previous blog post, I wrote about JSON RCE attacks. The possibility that such an attack exists was brought to my attention in a report by Checkmarx. I heard about SAST scans from…
DevSecOps stands for Development, Security, and Operations. DevSecOps involves introducing security practices and integrating tools earlier in the software development life cycle (SDLC), rather than t…
Previously on... In my previous blog post, I wrote about deserialization attacks and how to prevent them. I ended the post with a section called Hunger. There I stated I still doubted the link between…
Static analysis with Checkov Already presented in my previous article, Checkov is a tool for static analysis of your Infrastructure as Code (IaC). It will help you in writing…
Ever wondered what it means when you read the headlines or hear - "Hackers attacked XYZ systems! Possibility of a data breach!" Of course, this doesn't mean attacking using arrows or weapons but how d…
In summer 2021, the Vulnerability Research and Static Analysis teams launched the Google Summer of Code (GSoC) project: Write vulnerability detection rules for SAST. For this project, we built and implemented a framework to help transition…
Compilers are evolving: they issue more and more warnings. Do developers still need to use static code analyzers like PVS-Studio? Yes, because analyzers are evolving too. In this article you'll see how PVS-Studio can find bugs even in a com…
Among the wide variety of programming languages, what our users want the most is for the PVS-Studio analyzer to start supporting JavaScript. The Rhino engine is a project that our team can use to create a PVS-Studio analyzer for JavaScript…
In 2018, Microsoft created ML.NET, a machine learning framework for .NET developers. Since then, the machine learning library has undergone significant changes and acquired new features to identify patterns within data. Let's see how these …