Rescanning Applications with RIPS

11 Dec 2016 by Daniel Peeren

Rescans

After an automated security analysis of an application with RIPS, the application can be rescanned again. Within another round of security analysis, implemented patches can be verified or the analysis settings of the previous scan can be refined. In todays calendar post, we are introducing some of the rescanning and reviewing features of RIPS based on an example and see how rescanning works and what benefits it brings.

Read More ...

Introducing the RIPS analysis engine

4 Dec 2016 by Johannes Dahse

RIPS

In today’s post, we would like to share some insights into our static code analysis engine RIPS that detected the security bugs described in the previous and upcoming calendar gifts. The engine has a long history and went through several generations before reaching its current performance. What does it actually do within the few seconds after you click on the scan button and the first vulnerability report pops up? How can a security vulnerability be automatically detected in source code? Let’s have a look.

Read More ...

Announcing the Advent of PHP Application Vulnerabilities

25 Nov 2016 by Martin Bednorz

Advent

As the year is slowly coming to an end and the Christmas decorations are starting to brighten up the streets, we at RIPS Technologies decided to give back to the wonderful community surrounding PHP and information security. Starting on December 1st, we are going to open one gift of our advent calendar each day until the 24th. Our gifts are technical blog posts about specific real-world security vulnerabilities in open-source PHP applications that examine PHP security characteristics and how to avoid common pitfalls.

Read More ...