<ul><li>The article discusses how pundits can find vulnerabilities in code at the development stage and prevent them. The article highlights several measures for preventing vulnerability including testing, dynamic analysis, and development control.</li><li>Static Application Security Testing (SAST) is explained in detail as an effective way of finding vulnerabilities at the development stage without human intervention.</li><li>Several key points including how to work with code, how to distinguish from normal code and recognizing tainted data are discussed in this article.</li><li>Call graphs and control-flow integrity are presented as essential tools to detect in order to find tainted data and how to use them is detailed.</li><li>The article concludes that the traversal of a graph is the basis of the detection of tainted data in code.</li></ul>

Looking for potential vulnerabilities in code, part 1: theory

Discover more