Puma Scan analyzes your source code for vulnerabilities identified in the OWASP Top 10, SANS/CWE Top 25, and other common insecure coding patterns as you write code in Visual Studio. The current vulnerability categories covered by Puma Scan include: Insecure Application Configuration, SQL Injection, LDAP Injection, Command Injection, Path Tampering, Weak Password Configuration, Unvalidated Redirects, Cross-Site Scripting, Cross-Site Request Forgery, Weak Input Validation, Insecure Cryptography, and Insecure Object Deserialization.
The Puma Scan Professional Edition performs advanced data flow analysis to reduce false positives, allows engineers to configure rule options, add custom cleanse methods, and add custom tainted sources to make the rules more accurate. The Professional Edition also allows engineers to generate vulnerability reports in HTML and JSON formats. Please read the Configuration Guide for more details.
To use this Visual Studio extension, software engineers must register an account and purchase a license. Please visit the Puma Scan Customer Portal to purchase your software license.
After purchasing your license, please read the Installation Guide to activate the extension and secure your code!
For questions please contact sales [at] pumascan [dot] com.