Static Analysis

Third generation algorithms.

Sophisticated RIPS Engine

The RIPS PHP code analysis engine is armed with innovative static code analysis algorithms that are specifically dedicated to the intricate features of the PHP language.

  • Capable of analyzing modern PHP applications for complex security vulnerabilities in minutes.
  • Supports the full feature stack of the PHP language, including object-oriented code, pitfall-prone security mechanisms, and PHP built-in functions.
  • Detects security vulnerabilities accurately by analyzing the data flow from user-controlled input parameters to sensitive operations in your application with 100% code coverage.
  • Prevents false positives by evaluating the interaction of applied security mechanisms with the different input types, markup contexts and sensitive operations.
  • Detects second-order vulnerabilities and vulnerabilities that stem from a vulnerable PHP core.



Supported PHP Versions: all (3-7)
Maximum Code Size: unlimited
Vulnerability Types: 80+
Vulnerability Reports: Dashboard, PDF, CSV
Hosted Solution
Local Installation
Scripting API: Documentation
Continuous Integration: Documentation
Industry Standards: OWASP, SANS, CWE, PCI DSS, HIPAA

We evaluated a few products and chose RIPS because it performs really well, and has a strong ability to follow tainted data across the scanned application - which is very important for any SAST solution. Further, our security champions learn more from RIPS findings, as they gain a much better understanding of the vulnerabilities discovered during scans.

Dinis Cruz, Application Security Specialist

WorldFirst

Code Analysis Example


$id = $_POST['id']; // user input
if(...) {
   $id = (int)$id; // safe
}
else {
   $id = htmlentities($id); // ! default flags leave single quotes unencoded (PHP < 8.1)
}
echo "<div id='$id'>"; // XSS

RIPS
Cross-Site Scripting
(single-quoted attribute)

$id = $_POST['id'];
⋮
$id = htmlentities($id);
⋮
echo "<div id='$id'>";
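
The finding above comes down to a mismatch between the sanitizer's flags and the markup context. The following PHP is an added example, not RIPS code or output: it renders the same single-quoted attribute with the flag set that was the default before PHP 8.1 and with a hardened flag set, then lets an HTML parser report which attributes result. The function names and the input string are hypothetical, and the DOM extension is assumed to be available.

```php
<?php
// Added illustration; function names are hypothetical, input is constructed.

// Same sanitizer as the page's else-branch. ENT_COMPAT (the default flag
// before PHP 8.1) is passed explicitly so the result is version-independent:
// it encodes " < > & but leaves ' untouched.
function render_div_compat(string $id): string
{
    return "<div id='" . htmlentities($id, ENT_COMPAT, 'UTF-8') . "'>";
}

// Hardened form: ENT_QUOTES also encodes ', matching the single-quoted
// attribute context the value is written into.
function render_div_quotes(string $id): string
{
    return "<div id='" . htmlentities($id, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "'>";
}

// Parse the tag and list the attributes the HTML parser actually sees.
// Anything besides "id" means the value broke out of its attribute.
function attribute_names(string $tag): array
{
    $doc = new DOMDocument();
    $doc->loadHTML($tag . '</div>', LIBXML_NOERROR | LIBXML_NOWARNING);
    $names = [];
    foreach ($doc->getElementsByTagName('div')->item(0)->attributes as $attr) {
        $names[] = $attr->name;
    }
    return $names;
}

// Constructed, harmless input: a quote followed by a marker attribute.
$input = "x' data-injected='1";

foreach (['render_div_compat', 'render_div_quotes'] as $render) {
    $tag   = $render($input);
    $names = attribute_names($tag);
    $state = ($names === ['id']) ? 'contained' : 'attribute breakout';
    printf("%-18s %-45s [%s] %s\n", $render, $tag, implode(', ', $names), $state);
}
```

The `(int)` cast in the page's other branch is safe in this context for a different reason: an integer's string form contains no quote characters.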
