17 Apr 2018 by Martin Bednorz
One year ago we released version 2.0.0 of our superior PHP security analysis solution RIPS. Since then, monthly update releases for our user interface, REST API, and static analysis engine pushed our product, altogether with many new integration plugins and supported industry standards. Today, our user interface enables a highly modern and performant audit experience and our awarded code analysis engine detects unknown bugs in real applications as precise and complete as possible. To further aid developers on their mission to secure PHP code, we are excited to announce the support of the detection of over 30 new types of code quality bugs with RIPS!Read More ...
25 Oct 2017 by Martin Bednorz
Bamboo is a widely used software that enables continuous integration, deployment, and delivery of software applications. It is developed by the Australian company Atlassian that is also well known for their products JIRA and BitBucket. This blog post introduces our Bamboo integration and how it can be used to continuously analyze your PHP application with RIPS. By automatically detecting and warning about security issues, your production server can be protected from new vulnerabilities.Read More ...
4 Aug 2017 by Martin Bednorz
SonarQube is one of the leading products for continuous code quality inspection and is used by more than 80,000 organizations world-wide to automatically detect a large variety of code quality issues. But in today’s world the detection of security issues is even more important. RIPS Technologies enables to integrate its awarded security analysis solution directly into SonarQube through a plugin. It allows to continuously scan existing SonarQube projects for security threats and for quality issues so that the deployment of unstable applications can be prevented.Read More ...
18 Apr 2017 by Martin Bednorz
We are happy to announce the next iteration of our static analysis software for PHP! The new release RIPS 2.0.0 includes the following major changes:
- A complete new interface with optimized performance (demo.ripstech.com)
- A new extensive REST API for full feature automation (api.ripstech.com)
- Team and user privilege management
- Application-specific analysis profiles
- More detailed code summaries and issue descriptions
- Issue categorization for PCI DSS compliance requirements
- Improved analysis precision and performance
- Detection of Cookie Misconfiguration issues (CWE-613, CWE-614, CWE-1004)
- Detection of Insufficient Certificate Validation issues (CWE-295, CWE-297)
Find out more about the top 5 new features in this blog post.Read More ...
21 Dec 2016 by Martin Bednorz
In our 21st advent calendar gift, we cover AbanteCart, a very popular e-commerce solution that just turned 5 years old last month. RIPS found multiple SQL injections, PHP object injections, and the complementary cross-site scriptings so that the more severe vulnerabilities can be exploited. Interestingly, the AbanteCart website was defaced just moments before we send out our analysis report to the development team.Read More ...