3 matches found
Can I Check What I Designed? Mapping Security Design DSLs to Code Analyzers
When assessing the potential impact of code-level vulnerabilities, e.g., discovered by automated analyzers, it is essential to consider them in the context of the system's security design. However, this is a challenging task due to the abstraction gap between security design, often specified usin...
Vulnerability Research Highlights 2021
At SonarSource we are constantly improving our code analyzers to help developers write Clean Code. The detection of severe code vulnerabilities plays an important role in this process so that applications are protected from attacks and security breaches. For this same reason, our research team...
Статические анализаторы php. Мини-обзор
С течение времени мы все чаще и чаще можем видеть появление новых систем управления контентом CMS: форумов, блогов, шопов, социальных сетей, и т.д. и т.п. Многие из них, в силу некомпетентности или недостаточного уровня профессионализма их разработчиков, имеют в коде уязвимые места, позволяющие...