Suppress false positives in your code analysis

One of the obstacles any static analysis tool encounters is the ease with which developers can manage defects that are not pertinent to their development. Oftentimes these “defects”, for whatever reason, simply do not apply. The best-known case of such defects is false positives. Kiuwan Code Analysis offers many features; today we are going to highlight the “Defects Mute”… Read more →

Pentesting: What it is and how it works

Pentesting is also called penetration testing or ethical hacking. A penetration test is designed to answer the question: “How effective is my current security against a skilled human attacker?” In this article, we’ll go over what it is, why it’s important to businesses and how a skilled pentester works.

What is Pentesting? … Read more →

Jenkins integration with Kiuwan Code Analysis

A while ago we released our Jenkins plugin as a way to ease the workflow of developers who use Kiuwan, and since then we have had great feedback from our community of users.

Measure code security and quality continuously

In a world where companies are embracing DevOps initiatives, we aim to help them integrate the measurement and analysis of their application’s code… Read more →

Python code analysis with Kiuwan

Kiuwan’s latest release now includes coverage for Python. Python was conceived in the late 1980s, and its implementation began in December 1989 by Guido van Rossum. Van Rossum is Python’s principal author, and his continuing central role in deciding the direction of Python is reflected in the title given to him by the Python community, benevolent dictator for life (BDFL). Python 2.0… Read more →

Integrate Kiuwan static test services with IBM Bluemix DevOps Services

I’m located in Tokyo, but I sometimes collaborate across borders to assist customers. I’m working with Smith Naik, who has been a manager of various IBM software at IBM labs and now works for various customers to provide the best solutions for them. We were wondering how we can provide “static analysis” on the cloud using IBM Bluemix DevOps Services, and Smith found… Read more →

Ruby goes to Kiuwan

Kiuwan Code Analysis offers state-of-the-art engines, supporting more than 22 programming languages and frameworks including Java, C#, JavaScript, ABAP and Hibernate, among others. But Kiuwan is more than a static analysis tool. Kiuwan can categorize your rules and create models according to your needs, plan your next steps with action plans to optimize your time with the ‘what if’ analysis, generate reports,… Read more →

Continuous Inspection with Team Foundation Server

“Continuous” is a word often heard in Agile and DevOps teams: continuous integration, continuous deployment, continuous delivery… All of them are techniques where teams produce software (products) in short cycles, ensuring that it can be reliably put into production at any time. Kiuwan puts in its two cents to facilitate your success, enabling continuous inspection of your code, integrating with… Read more →

Bad guys love REST

Many applications provide a services layer (to other applications, to a presentation layer…) or consume services exposed by third parties (not necessarily trusted). The REST model is a simple way to design such service layers and is widely used today. This post is about REST security issues and presents the main security problems that need attention, the attack threats and attack surface for REST,… Read more →

14 tips for developing AngularJS applications

AngularJS is one of the most popular JavaScript frameworks for client-side development. An insight into some AngularJS concepts, such as $scopes, two-way data binding and directives, will bring us some important tips to keep in mind while developing AngularJS applications. AngularJS provides MVC architecture for developing SPA (Single Page Application). Key features are two-way data binding, built-in dependency injection, templates… Read more →