Our solution is a tool called Sherrif. This tool can be used for both static and dynamic analysis of the code. The tool provides comprehensive insights about dependencies used, known CVEs . The Dynamic Analysis part of the tool will check the overall profile of the tool like the network calls made , memory safety, any signatures of RCE , DOS attacks or injection attacks.The tool in general help improve the security profile at the point right after the code is written such that more secure code reaches the deployement stage.
Tracks Applied (1)
Discussion