Unicorn with delicious cookie
Nous utilisons des cookies pour améliorer votre expérience de navigation. En savoir plus
Accepter
to the top
Accueil
>
Posts
>
Posts: #Security

Posts: # Security

All tags:

#CSharp #Knowledge #Security
03 Nov 2022
Catastrophic backtracking: how can a regular expression cause a ReDoS vulnerability?
Andrey Moskalev
Regular expressions come in handy when you need to search for and replace text. However, in some cases, they may cause the system to slow down or even make vulnerable to ReDoS attacks.
...
#CSharp #Security
06 Sep 2022
The risks of using vulnerable dependencies in your project, and how SCA helps manage them
Nikita Lipilin
Most applications today use third-party libraries. If such a library contains a vulnerability, an app that uses this library may also be vulnerable. But how can you identify such...
...
Subscribe to the newsletter
Want to receive a monthly digest of the most interesting articles and news? Subscribe!
* En cliquant sur ce bouton, vous déclarez accepter notre politique de confidentialité
#Knowledge #Security
25 Jul 2022
Application Security Testing. How not to get confused between SAST, DAST, and IAST
Alexey Sarkisov
What benefits does SAST have? What's the difference between SAST and DAST? What's IAST? What do all these words mean?! Let's talk about this and more in the overview of the main types of...
...
#Knowledge #Security
22 Jul 2022
What is CVE and what vulnerabilities can it tell us about?
Mikhail Evtihevich
You may often come across the CVE abbreviation in articles about various vulnerabilities and publications on information security incidents. CVE (Common Vulnerabilities and Exposures) is a list...
...
#Knowledge #Security
20 Jul 2022
CWE Top 25 2022. Review of changes
Mikhail Gelvikh
The CWE Top 25 list reflects the most serious software security weaknesses. I invite you to read the updated top list to become aware of the changes happened over the past...
...
#StaticAnalysis #Security #DevOps
19 Avr 2022
SAST in Secure SDLC: 3 reasons to integrate it in a DevSecOps pipeline
Sergey Vasiliev
Vulnerabilities produce enormous reputational and financial risks. That's why many companies are fascinated by security and desire to build a secure development life cycle (SSDLC). So, today...
...
#Cpp #CSharp #Knowledge #Security #Java
15 Avr 2022
Trojan Source: Invisible Vulnerabilities
Guest
We present a new type of attack in which source code is maliciously encoded so that it appears different to a compiler and to the human eye. This attack exploits subtleties in text-encoding...
...
#CSharp #Security
18 Fév 2022
Why does my app send network requests when I open an SVG file?
Sergey Vasiliev
You decided to make an app that works with SVG. Encouraged by the enthusiasm, you collected libraries and successfully made the application. But suddenly you find that the app is sending...
...
#CSharp #Knowledge #Security
11 Fév 2022
Vulnerabilities due to XML files processing: XXE in C# applications in theory and in practice
Sergey Vasiliev
How can simple XML files processing turn into a security weakness? How can a blog deployed on your machine cause a data leak? Today we'll find answers to these questions, learn what XXE is and how...
...
#CSharp #Security
22 Oct 2021
OWASP Top Ten and Software Composition Analysis (SCA)
Nikita Lipilin
The OWASP Top Ten 2017 category A9 (which became A6 in OWASP Top Ten 2021) is dedicated to using components with known vulnerabilities. To cover this category in PVS-Studio, developers have to...
...
View more Pagination arrow previous
1 2 3 4
...
6
Showing: 11-20 of 55
close form

Remplissez le formulaire ci‑dessous en 2 étapes simples :

Vos coordonnées :

Étape 1
Félicitations ! Voici votre code promo !

Type de licence souhaité :

Étape 2
Team license
Enterprise licence
* Différence entre Team et Entreprise
Vous n'avez pas reçu d'email ?
** En cliquant sur ce bouton, vous déclarez accepter notre politique de confidentialité
close form
Demandez des tarifs
Pourquoi demandons-nous l'email d'entreprise ?
Nouvelle licence
Renouvellement de licence
--Sélectionnez la devise--
USD
EUR
Vous n'avez pas reçu d'email ?
* En cliquant sur ce bouton, vous déclarez accepter notre politique de confidentialité

close form
La licence PVS‑Studio gratuit pour les spécialistes Microsoft MVP
Pourquoi nous demandons un email d'entreprise ?
Vous n'avez pas reçu d'email ?
* En cliquant sur ce bouton, vous déclarez accepter notre politique de confidentialité

close form
Pour obtenir la licence de votre projet open source, s’il vous plait rempliez ce formulaire
Vous n'avez pas reçu d'email ?
* En cliquant sur ce bouton, vous déclarez accepter notre politique de confidentialité

close form
I want to join the test
Pourquoi nous demandons un email d'entreprise ?
Vous n'avez pas reçu d'email ?
* En cliquant sur ce bouton, vous déclarez accepter notre politique de confidentialité

close form
check circle
Votre message a été envoyé.

Nous vous répondrons à


Si l'e-mail n'apparaît pas dans votre boîte de réception, recherchez-le dans l'un des dossiers suivants:

  • Promotion
  • Notifications
  • Spam