Ed Tice is a sales engineer at Synopsys. While he's a bit of a jack of all trades, his primary areas of expertise involve helping customers understand the mechanics of running static analysis, dynamic analysis, fuzzing, and test prioritization security tools.
How do static analyzers manage code dependencies? There are many ways, but the best static analyzers take a hybrid approach to dependency analysis.
Posted in Developer Enablement, Static Analysis (SAST) | Comments Off on Why dependencies matter for SAST
Remediating XSS (cross-site scripting, or HTML injection) is difficult without understanding validation, sanitization, and normalization/canonicalization.
Posted in Web Application Security | Comments Off on Remediating XSS: Does a single fix work?
The earliest accessible verification activity is static analysis. Learn why Coverity static analysis is the top productivity tool for engineering teams.
Posted in Static Analysis (SAST) | Comments Off on How is static analysis a productivity tool for engineering teams?
