Darius Foo

Darius is a software engineer on the SCA team at Veracode, helping developers make safer use of open source software.
Posts by Darius Foo

The Ransomware in our Dependencies

November 30, 2016

Ransomware is a growing pernicious threat. Some ransomware called 'Locky' was recently discovered spreading through Facebook Messenger, and just last weekend San Francisco's light-rail system was compromised by ransomware. Today we'll take an in-depth look at how ransomware can target developers, proliferating through library dependencies. What is Ransomware? Ransomware is malicious software...

A deep dive into analyzing dynamic languages

November 7, 2016

Analyzing programs written in dynamic languages presents some unique challenges. Here's a bit of a deep dive into how we do it. First, what exactly is a dynamic language? For the purposes of this article, we will define a dynamic language as one where types are checked for safety only at runtime. Languages like Ruby, Python, and JavaScript follow this model, in contrast with static languages like...

Vulnerable Method detection now available for Python projects

August 1, 2016

SourceClear now supports Vulnerable Method detection for both Java and Python projects. In addition to notifying you of the vulnerable libraries you're using, we will now let you know exactly where you are using the vulnerable code. Of course, if it turns out you're not actually vulnerable, we'll let you know that too. More signal, less noise. How does it work? To support Vulnerable Methods in...
