Our website uses cookies to enhance your browsing experience.
Accept
to the top
close form

Fill out the form in 2 simple steps below:

Your contact information:

Step 1
Congratulations! This is your promo code!

Desired license type:

Step 2
Team license
Enterprise license
* Difference between Team and Enterprise
Didn't get our email?
** By clicking this button you agree to our Privacy Policy statement
close form
Request our prices
Why do we ask to use Business Email?
New License
License Renewal
--Select currency--
USD
EUR
Didn't get our email?
* By clicking this button you agree to our Privacy Policy statement

close form
Free PVS‑Studio license for Microsoft MVP specialists
Why do we ask to use Business Email?
Didn't get our email?
* By clicking this button you agree to our Privacy Policy statement

close form
To get the licence for your open-source project, please fill out this form
Why do we ask to use Business Email?
Didn't get our email?
* By clicking this button you agree to our Privacy Policy statement

close form
I am interested to try it on the platforms:
Why do we ask to use Business Email?
Didn't get our email?
* By clicking this button you agree to our Privacy Policy statement

close form
check circle
Message submitted.

Your message has been sent. We will email you at


If you haven't received our response, please do the following:
check your Spam/Junk folder and click the "Not Spam" button for our message.
This way, you won't miss messages from our team in the future.

Home
>
Posts
>
Posts: #Security

Posts: # Security

Cpp CSharp Knowledge
More
64bit StaticAnalysis GameDev Release Security Marketing DevOps Compiler Java OS GuestArticle Embedded Broadcasting
#Knowledge #Security
Jul 20 2022
CWE Top 25 2022. Review of changes
Mikhail Gelvikh
The CWE Top 25 list reflects the most serious software security weaknesses. I invite you to read the updated top list to become aware of the changes happened over the past...
...
#StaticAnalysis #Security #DevOps
Apr 19 2022
SAST in Secure SDLC: 3 reasons to integrate it in a DevSecOps pipeline
Sergey Vasiliev
Vulnerabilities produce enormous reputational and financial risks. That's why many companies are fascinated by security and desire to build a secure development life cycle (SSDLC). So, today...
...
Subscribe to the newsletter
Want to receive a monthly digest of the most interesting articles and news? Subscribe!
* By clicking this button you agree to our Privacy Policy statement
#Cpp #CSharp #Knowledge #Security #Java
Apr 15 2022
Trojan Source: Invisible Vulnerabilities
Guest
We present a new type of attack in which source code is maliciously encoded so that it appears different to a compiler and to the human eye. This attack exploits subtleties in text-encoding...
...
#CSharp #Security
Feb 18 2022
Why does my app send network requests when I open an SVG file?
Sergey Vasiliev
You decided to make an app that works with SVG. Encouraged by the enthusiasm, you collected libraries and successfully made the application. But suddenly you find that the app is sending...
...
#CSharp #Knowledge #Security
Feb 11 2022
Vulnerabilities due to XML files processing: XXE in C# applications in theory and in practice
Sergey Vasiliev
How can simple XML files processing turn into a security weakness? How can a blog deployed on your machine cause a data leak? Today we'll find answers to these questions, learn what XXE is and how...
...
#CSharp #Security
Oct 22 2021
OWASP Top Ten and Software Composition Analysis (SCA)
Nikita Lipilin
The OWASP Top Ten 2017 category A9 (which became A6 in OWASP Top Ten 2021) is dedicated to using components with known vulnerabilities. To cover this category in PVS-Studio, developers have to...
...
#Security
Oct 14 2021
The OWASP diagnostic group in PVS-Studio
Nikita Lipilin
The PVS-Studio static analyzer allows you to automatically find various problems in the source code. It can also detect code fragments that do not comply with the OWASP Application...
...
#Knowledge #Security
Sep 28 2021
CWE Top 25 2021. What is it, what is it for and how is it useful for static analysis?
Mikhail Gelvikh
For the first time PVS-Studio provided support for the CWE classification in the 6.21 release. It took place on January 15, 2018. Years have passed since then and we would like to tell you about...
...
#Cpp #Security
Sep 22 2021
MISRA C: struggle for code quality and security
Konstantin Kochkin
A couple of years ago the PVS-Studio analyzer got its first diagnostic rules to check program code compliance with the MISRA C and MISRA C++ standards. We collected feedback and saw that our...
...
#CSharp #Security
Sep 07 2021
How Visual Studio 2022 ate up 100 GB of memory and what XML bombs had to do with it
Sergey Vasiliev
In April 2021 Microsoft announced a new version of its IDE – Visual Studio 2022 – while also announcing that the IDE would be 64-bit. We've been waiting for this for so long – no more 4 GB...
...
View more Pagination arrow previous
1 2 3 4
...
6
Showing: - of 51

Want to try PVS‑Studio for free?