14 tips for developing AngularJS applications

AngularJS is one of the most popular JavaScript frameworks for client-side development. An insight into some AngularJS concepts, such as $scopes, two-way data binding and directives will bring us to some important tips to keep in mind while developing AngularJS applications.   AngularJS provides MVC architecture for developing SPA (Single Page Application). Key features are two-way data binding, built-in dependency… Read more →

Bad guys love REST

Many applications provide a services layer (to other applications, to a presentation layer…) or consume services exposed by third-parties (not necessarily trusted). REST model is a simple way for designing such services layers, widely used today. This post is about REST security issues and presents the main security problems that need attention, the attack threats and attack surface for REST, and how to… Read more →

Continuous inspection with Team Foundation Server and Kiuwan

Continuous is a word often heard in Agile and DevOps teams: continuous integration, continuous deployment, continuous delivery, … All of them are techniques where teams produce software (products) in short cycles, ensuring that they can be reliably put on production at any time. Kiuwan puts their two cents to facilitate your success, enabling continuous inspection of your code, integrating with… Read more →

Ruby comes to Kiuwan

Kiuwan is a collaborative environment to analyze, organize and share information, obtained from application analysis, at all levels of our organization: Developers, Security Managers, Quality Managers and CIOs. Today we are going to see how to use Kiuwan with Ruby applications. Kiuwan offers state of the art analysis engines, supporting more than 22 programming languages and framworks including: Java, COBOL, Csharp, Javascript, ABAP… Read more →

Applications

How to organize applications in Kiuwan

Some of our clients have doubts regarding Kiuwan’s application concept. The question is usually what is an application for Kiuwan. The problem is actually that the application concept is different in every organization. In some of them, there is only one software application with hundreds or thousands of service oriented modules designed to cooperate together to provide different functionality. In others, however,… Read more →

C/C++ analysis with Kiuwan, part II

Following our series of posts on analyzing C/C++ with Kiuwan, today we are going to see how to analyze a Microsoft Windows application and learn how to configure the Kiuwan Local Analyzer to get the most out of it. In the first post, we saw the basics to run static analyses on C and C++ applications with Kiuwan, both locally and in the… Read more →

Rules development for Kiuwan (V): Query API

Once again, we continue our posts series on rules development for KIUWAN. In the last post, we saw the basic functionalities to navigate through the abstract sintax tree (AST): BaseNode, TreeNode, NodeVisitor and NodePredicate; and we also wrote about the two available AST versions:High-Level AST and Low-Level AST. Today, we’ll see the use of another available API for implementing rules: Query API. The com.optimyth.qaking.highlevelapi.dsl.Query class represents… Read more →

bilog

Bilog: from Satisfied Customer to Strategic Partner

Bilog initially used KIUWAN to integrate their development teams and offer to their customers more secure and optimized code. Thanks to Kiuwan’s ease of use and performance, Bilog has decided to offer their code auditing services to their customers with its specialized Quality Assurance team.   Bilog, French company specialized in software development and quality control, selected Kiuwan for internal developments made… Read more →