In this article, we will thoroughly examine the XSS vulnerability in a CMS written in C#. Let's recall the theory, figure out how the security defect looks from a user's perspective and in code, and also practice writing exploits.
In this article, you're going to find 60 terrible coding tips — and explanations of why they are terrible. It's a fun and serious piece at the same time. No matter how terrible these tips look, they aren't fiction, they are real: we saw them all in the real programming...
This is a brief story of how PVS-Studio collaborated with RavenDB. PVS-Studio is a static code analyzer. RavenDB is an open-source database. How can searching for errors in one project benefit both? Let's find out by going over the bug fixes and RavenDB developers...
Our company talks a lot about code quality. While some of the projects chosen for code audits may not be that familiar to our readers, I'm sure many of them use finance apps. Our readers may not be using this particular application, but the point of the article is that...
A NullReferenceException (NRE) is a type of .NET exception. It occurs when a developer tries to dereference a null reference. This article covers the reasons that lead to exceptions of this type, as well as ways to prevent and fix them.
This is a review article on the technologies that underlie the work of static code analyzers. The article covers pattern-based analysis, data flow analysis, symbolic execution, taint checking, etc.
Do developers care about code security? This question, I believe, is still open to debate. I wrote this article to solicit feedback from both developers and security experts. Would you help me with that?
This article goes through five key reasons why static analysis is beneficial to software companies. This may help you decide whether to explore code analysis methodology and then integrate it into your company's development process.
Code reviews can be automated with the help of static analysis tools. Keep in mind that one-off code checks are unproductive, so it is important to make static code analysis an integral part of the project development process.