New version of CQM (2.4.0) and Kiuwan Engine
Support for KOTLIN programming language
Kotlin is a cross-platform, statically typed, general-purpose programming language with type inference and it's Google’s preferred language for Android app development since 7 May 2019.
As Kotlin is becoming a widely adopted programming language, Kiuwan now incorporates support to analyze Kotlin source files, thus searching for code and desing conditions that are indicative of security vulnerabilities.
You can find these rules going to Models Management, select CQM and search for Rules applying to Kotlin language
Added Support for RM/COBOL dialect in COBOL technology.
Support for RM/Cobol dialect has been added to current list of supported Cobol dialects.
All versions between 9.x to 12.16 (latest version at the moment of writing this post) have been succesfully tested.
Current list of supported Cobol dialects:
- OS/VS Cobol II
- IBM Enterprise COBOL for z/OS v5
- IBM ILE COBOL 5
- HP COBOL for TNS (Tandem NonStop)
- Net Express COBOL 5 / Server Express COBOL
- MicroFocus RM/COBOL 9.x to 12.16
Duplicated Code rules are not longer mandatory
When creating a new model, it was mandatory to activate duplicated code rules (i.e. rules that check for repeated blocks in source code).
This new Kiuwan release no longer forces duplicated code rules to be activated in your custom model.
- Standard pseudo-random number generators cannot withstand cryptographic attacks.
- Denial of Service by externally controlled sleep time
- Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
- Too broad privileges granted.
- Avoid using an user controlled Primary Key into a query
- Weak cryptographic hashes cannot guarantee data integrity
- Weak symmetric encryption algorithm.