Security researchers have demonstrated how a parsing script identifies Facebook users by email addresses linked to their accounts, even with privacy settings activated. The script targets a typical vulnerability for huge web applications with extremely complex distributed architectures, such as Facebook.
This post will be useful if you are about to choose or implement such a solution. How do you set up a process so that code vulnerabilities are not only detected, but also fixed? In this post, I’ll try to help you with this challenge.
Recently, we have increasingly heard about the importance of static analysis as a quality assurance tool for newly developed software, especially in terms of security. Static analysis helps discover vulnerabilities and other errors and can be integrated into existing development processes. However, this raises many questions. What is the difference between free and commercial tools? Why is using a linter not enough? What do statistics have to do with it?
With the development culture continuing to evolve rapidly, new code quality assurance tools are appearing on the market and being used in dramatically new and innovative ways. We’ve already written about static analysis, what to pay attention to when choosing an analyzer, and, finally, how to establish a static analysis-based process for your organization.