Consider security rules for static/dynamic code analysis #11

@javabeanz

Great project, guys!

I was wondering if jqassistant is capable of making software more secure by creating rules specifically for security analysis. Data flow, control flow, semantic, structural, configuration, and buffer analysis are a lot easier once you have a full AST. As an example, PMD has a special rule set for security: https://github.com/GDSSecurity/GDS-PMD-Security-Rules.

Labels

- status:team discussion: The team needs to discuss how to deal with the issue's request
- type:enhancement: Enhancement of the functionality of the software
