Darius Foo
Darius is a software engineer on the SCA team at Veracode, helping developers make use of open source software safer.Posts by Darius Foo
The Ransomware in our Dependencies
November 30, 2016
Ransomware is a growing pernicious threat. Some ransomeware called 'Locky' was recently discovered spreading through Facebook Messenger, and just last weekend San Francisco's light-rail system was compromised by ransomware. Today we'll take an in-depth look at how ransomware can target developers, proliferating through library dependencies. What is Ransomware? Ransomware is malicious software... READ MORE›
A deep dive into analyzing dynamic languages
November 7, 2016
Analyzing programs written in dynamic languages presents some unique challenges. Here's a bit of a deep dive into how we do it. First, what exactly is a dynamic language? For the purposes of this article, we will define a dynamic language as one where types are checked for safety only at runtime. Languages like Ruby, Python, and JavaScript follow this model, in contrast with static languages like... READ MORE›
Vulnerable Method detection now available for Python projects
August 1, 2016
SourceClear now supports Vulnerable Method detection for both Java and Python projects. In addition to notifying you of the vulnerable libraries you're using, we will now let you know exactly where you are using the vulnerable code. Of course, if it turns out you're not actually vulnerable, we'll let you know that too. More signal, less noise. How does it work? To support Vulnerable Methods in... READ MORE›
Love to learn about Application Security?
Get all the latest news, tips and articles delivered right to your inbox.
