Filter by tag: insights

Integrate Security Checks with RIPS CLI

11 min read 15 Mar 2018 by Hendrik Buchwald
Today, fully automated application security testing is an important part of every secure development life cycle. In this blog post we will demonstrate how to use the RIPS CLI tool to automatically scan a project for security vulnerabilities. This enables you to integrate RIPS into basically any system as a security gate that automatically warns you when new security bugs are introduced.

Integrate Security Testing into PhpStorm

12 min read 20 Feb 2018 by Julian Karl
PhpStorm is one of the leading IDEs for developing PHP applications. Although it offers code analysis features in the areas of code completion and code quality analysis, it is not able to detect pervasive security issues, such as Cross-Site Scripting or SQL Injection. With the help of our PhpStorm plugin you can seamlessly integrate our best-in-class security analysis directly into PhpStorm and detect critical vulnerabilities at the lowest cost point.

PHP Security Advent Calendar 2017

3 min read 30 Nov 2017 by Johannes Dahse
We are happy to announce this year’s PHP security advent calendar where we will release a new calendar gift from December 1st to 24th. This year, we will focus on nifty PHP pitfalls and release a daily code challenge for you to solve. Can you spot the daily security bug?

WordPress Plugin Vulnerabilities 2017 VS. Static Analysis

19 min read 29 Nov 2017 by Johannes Dahse
WordPress plugins are widely adopted and an attractive target for attackers. In this technical blog post we analyze the most critical vulnerabilities in WordPress plugins of 2017 and share insights about how static code analysis can detect these.

Security Analysis with Bamboo Plugin

9 min read 25 Oct 2017 by Martin Bednorz
Bamboo is widely used software that enables continuous integration, deployment, and delivery of software applications. This blog post introduces our Bamboo integration and how it can be used to continuously analyze your application with RIPS. By automatically detecting and warning about security issues, your production server can be protected from new vulnerabilities.