Detecting vulnerabilities as early as possible in the development process is crucial to minimize the costs of security flaws. With the help of our IntelliJ IDEA plugin, RIPS leading Java code analysis can be fully integrated into your developer editor to detect and resolve security issues in real-time. In this blog post, we introduce new plugin features and present a typical use case.Read More
We are pleased to announce integration support for the two major build automation tools Apache Maven and Gradle. Both plugins enable to add our static code analysis solution to your build process and to provide a streamlined way to configure and start a new security scan for your Java applications.Read More
Jenkins CI is one of the leading open source automation server and provides hundreds of plugins to support building, deploying and automating any project. It supports version control tools like Git, Subversion, Mercurial, Perforce, and can execute Apache Ant, Apache Maven and Gradle based projects as well as arbitrary shell scripts and Windows batch commands. RIPS supports the integration of security analysis into Jenkins since 2016 that helps to prevent that new security vulnerabilities are added to your build. Our new major release now also supports the new Pipeline feature and improves existing features.Read More
Today, fully automated application security testing is an important part within every secure development life cycle. RIPS leading code analysis solution for the detection of security issues comes with an extensive API that can be used to automate its analysis features. Based on our RESTful API, we built a command line interface (CLI) tool.
In this blog post we will demonstrate how to use the RIPS CLI tool to automatically scan a project for security vulnerabilities. This enables you to integrate RIPS into basically any system as a security gate that automatically warns you when new security bugs were introduced.Read More
PhpStorm is one of the leading IDEs for developing PHP applications. Its support for key developer tools, such as version control systems, remote deployment, and databases makes it easy for developers to write code efficiently. Although it offers code analysis features in the range of code completion and code quality analysis it is not able to detect pervasive security issues, such as Cross-Site Scripting or SQL Injection. With the help of our PhpStorm plugin you can seamlessly integrate our best-in-class security analysis directly into PhpStorm. This enables developers to quickly scan their project, to review found security vulnerabilities, and to apply patches at the lowest cost point without ever leaving PhpStorm. Get a trial and test it!Read More