You don't have to download Goanna to try out Goanna. Once you have an account on redlizards.com, you can try out Goanna via the online demo at http://redlizards.com/products/demo.html. Just log in, paste in your code in the text box and click the "Analyze" button. The results will show up on the Web page. We've limited the amount of code ...
New feature for Visual Studio: For any Goanna warning in the VS ErrorList, right-click and choose "Describe Check". You'll get an editor tab filled with a description of the check that gave rise to the warning, the same text as in the User Guide. Coming soon to Eclipse.
I am thrilled to announce that Goanna Studio 2.2 is now the most stable version of Goanna Studio ever created. Goanna Studio 2.1 was an impressive piece of software, but thanks to all the great feedback we have received, we have nailed down all the outstanding issues and we are ready to let you reap the benefits of our ...
Common Weakness Enumeration (CWE) is a widely accepted, community-developed list of general software vulnerabilities. The CWE website, which contains detailed definitions of each weakness, is here. Over the last couple of weeks, I've been looking into how Goanna maps to the current CWE list. That is, for each of Goanna's (currently) 100 checks, I've reported the CWE items ...
Static analysis of the past has been like an episode of CSI. Some guys in specially marked uniforms enter the scene and photograph memory leaks, establish attack vectors and scrape some dangling pointers off the ceiling. Then they go back to the lab and try to figure out what happened. It's a post-mortem investigation of something that went horribly wrong. This ...
