Home / Blog / Darius Foo
dfoo's picture

Darius Foo

Darius is a software engineer on the SCA team at Veracode, helping developers make use of open source software safer.
Posts by Darius Foo

The Ransomware in our Dependencies

November 30, 2016

Ransomware is a growing pernicious threat. Some ransomeware called 'Locky' was recently discovered spreading through Facebook Messenger, and just last weekend San Francisco's light-rail system was compromised by ransomware. Today we'll take an in-depth look at how ransomware can target developers, proliferating through library dependencies. What is Ransomware? Ransomware is malicious software... READ MORE

A deep dive into analyzing dynamic languages

November 7, 2016

Analyzing programs written in dynamic languages presents some unique challenges. Here's a bit of a deep dive into how we do it. First, what exactly is a dynamic language? For the purposes of this article, we will define a dynamic language as one where types are checked for safety only at runtime. Languages like Ruby, Python, and JavaScript follow this model, in contrast with static languages like... READ MORE

Vulnerable Method detection now available for Python projects

August 1, 2016

SourceClear now supports Vulnerable Method detection for both Java and Python projects. In addition to notifying you of the vulnerable libraries you're using, we will now let you know exactly where you are using the vulnerable code. Of course, if it turns out you're not actually vulnerable, we'll let you know that too. More signal, less noise. How does it work? To support Vulnerable Methods in... READ MORE

 

 

contact menu

Veracode is a leading provider of enterprise-class application security, seamlessly integrating agile security solutions for organizations around the globe. In addition to application security services and secure devops services, Veracode provides a full security assessment to ensure your website and applications are secure, and ensures full enterprise data protection. Application protection services from Veracode include white box testing, and mobile application security testing, with customized solutions that eliminate vulnerabilities at all points along the development life cycle.

*Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.