Badges
70 Points
2 Years
User Activity
About 1 year ago
Answered a question: Which application security solutions include both vulnerability scans and quality checks?
My experience says there is no perfect all-in-one product doing its best for SAST, DAST and IAST together. If you're looking at Gartner-remarked products only, the most recent version of Micro Focus Fortify (today it is 19.2.1) represents the best combination. If you are…
About 1 year ago
Answered a question: What is the biggest difference between Veracode and Checkmarx?
In order to run correctly, Veracode needs executables compiled with debug, which is not so different from having source code, but configuration file checking will be excluded from the analysis. The quality of detections of Checkmarx is superior, as well as the number of…
About 1 year ago
Answered a question: What is the biggest difference between Checkmarx and SonarQube?
SonarQube historically was focused on Code Quality and Best Practices. Recently the enterprise and data center versions provide some security vulnerability detection with OWASP compliance. This is not enough. If you are focused on Secure Coding, Checkmarx is much better…
Almost 3 years ago
Contributed a review: Does software composition analysis, discovering open source software weaknesses
Almost 3 years ago
Commented on: We use it to evaluate code from a security perspective as opposed to a developer’s perspective.
The weakest component of Fortify is SSC. Very difficult to customize, huge infrastructure to implement and maintain, and costly.
About me
Academician of the National Academy of Sciences of Ukraine and formerly Professor at Taras Shevchenko National University of Kyiv, she spent her life researching Computer Physics and IT Business. She moved to the UK in 2001, where she is now the Professor responsible for the Enterprise Centre in Online BitBrainery University. Her research on Software Quality and Application Security using applied algorithms is currently used in some commercial software tools.