Unicorn with delicious cookie
Our website uses cookies to enhance your browsing experience.
Accept
to the top
Home
>
Posts
>
Posts: #Security

Posts: # Security

All tags:

#CSharp #Knowledge #Security
Nov 03 2022
Catastrophic backtracking: how can a regular expression cause a ReDoS vulnerability?
Andrey Moskalev
Regular expressions come in handy when you need to search for and replace text. However, in some cases, they may cause the system to slow down or even make vulnerable to ReDoS attacks.
...
#CSharp #Security
Sep 06 2022
The risks of using vulnerable dependencies in your project, and how SCA helps manage them
Nikita Lipilin
Most applications today use third-party libraries. If such a library contains a vulnerability, an app that uses this library may also be vulnerable. But how can you identify such...
...
Subscribe to the newsletter
Want to receive a monthly digest of the most interesting articles and news? Subscribe!
* By clicking this button you agree to our Privacy Policy statement
#Knowledge #Security
Jul 25 2022
Application Security Testing. How not to get confused between SAST, DAST, and IAST
Alexey Sarkisov
What benefits does SAST have? What's the difference between SAST and DAST? What's IAST? What do all these words mean?! Let's talk about this and more in the overview of the main types of...
...
#Knowledge #Security
Jul 22 2022
What is CVE and what vulnerabilities can it tell us about?
Mikhail Evtihevich
You may often come across the CVE abbreviation in articles about various vulnerabilities and publications on information security incidents. CVE (Common Vulnerabilities and Exposures) is a list...
...
#Knowledge #Security
Jul 20 2022
CWE Top 25 2022. Review of changes
Mikhail Gelvikh
The CWE Top 25 list reflects the most serious software security weaknesses. I invite you to read the updated top list to become aware of the changes happened over the past...
...
#StaticAnalysis #Security #DevOps
Apr 19 2022
SAST in Secure SDLC: 3 reasons to integrate it in a DevSecOps pipeline
Sergey Vasiliev
Vulnerabilities produce enormous reputational and financial risks. That's why many companies are fascinated by security and desire to build a secure development life cycle (SSDLC). So, today...
...
#Cpp #CSharp #Knowledge #Security #Java
Apr 15 2022
Trojan Source: Invisible Vulnerabilities
Guest
We present a new type of attack in which source code is maliciously encoded so that it appears different to a compiler and to the human eye. This attack exploits subtleties in text-encoding...
...
#CSharp #Security
Feb 18 2022
Why does my app send network requests when I open an SVG file?
Sergey Vasiliev
You decided to make an app that works with SVG. Encouraged by the enthusiasm, you collected libraries and successfully made the application. But suddenly you find that the app is sending...
...
#CSharp #Knowledge #Security
Feb 11 2022
Vulnerabilities due to XML files processing: XXE in C# applications in theory and in practice
Sergey Vasiliev
How can simple XML files processing turn into a security weakness? How can a blog deployed on your machine cause a data leak? Today we'll find answers to these questions, learn what XXE is and how...
...
#CSharp #Security
Oct 22 2021
OWASP Top Ten and Software Composition Analysis (SCA)
Nikita Lipilin
The OWASP Top Ten 2017 category A9 (which became A6 in OWASP Top Ten 2021) is dedicated to using components with known vulnerabilities. To cover this category in PVS-Studio, developers have to...
...
View more Pagination arrow previous
1 2 3 4
...
6
Showing: 11-20 of 55
close form

Fill out the form in 2 simple steps below:

Your contact information:

Step 1
Congratulations! This is your promo code!

Desired license type:

Step 2
Team license
Enterprise license
* Difference between Team and Enterprise
Didn't get our email?
** By clicking this button you agree to our Privacy Policy statement
close form
Request our prices
Why do we ask to use Business Email?
New License
License Renewal
--Select currency--
USD
EUR
Didn't get our email?
* By clicking this button you agree to our Privacy Policy statement

close form
Free PVS‑Studio license for Microsoft MVP specialists
Why do we ask to use Business Email?
Didn't get our email?
* By clicking this button you agree to our Privacy Policy statement

close form
To get the licence for your open-source project, please fill out this form
Didn't get our email?
* By clicking this button you agree to our Privacy Policy statement

close form
I want to join the test
Why do we ask to use Business Email?
Didn't get our email?
* By clicking this button you agree to our Privacy Policy statement

close form
check circle
Message submitted.

Your message has been sent. We will email you at


If you do not see the email in your inbox, please check if it is filtered to one of the following folders:

  • Promotion
  • Updates
  • Spam