Puma Scan analyzes your source code for vulnerabilities identified in the OWASP Top 10, SANS/CWE Top 25, and other common insecure coding patterns as you write code in Visual Studio. The current vulnerability categories covered by Puma Scan include: Insecure Application Configuration, SQL Injection, LDAP Injection, Command Injection, Path Tampering, Weak Password Configuration, Unvalidated Redirects, Cross-Site Scripting, Cross-Site Request Forgery, Weak Input Validation, Insecure Cryptography, Insecure Object Deserialization, Broken Authentication, Broken Access Control, Server-side Request Forgery, and Poor Secrets Management.

The Puma Scan Professional Edition performs advanced data flow analysis to reduce false positives, allows engineers to configure rule options, add custom cleanse methods, add custom tainted sources to make the rules more accurate, and create false positive exceptions. The Professional Edition also allows engineers to generate vulnerability reports in HTML and JSON formats. Please read the Configuration Guide for more details.

To use this Visual Studio extension, software engineers must register an account and purchase a license. Please visit https://pumascan.com to purchase your software license. After purchasing your license, please read the Installation Guide to install and configure the extension. Then, read the User Guide to start securing your code!

For sales questions, please contact sales [at] pumascan [dot] com. For support questions, please contact support [at] pumascan [dot] com.