Yesterday I posted about automating CAT.NET. Today while adding it to another build file, I ran across a great error! The tool did not detect any vulnerabilities in my code and therefore the XPath used in the xmlpeek task failed! This caused the build to fail with a false positive. I’ve updated my target to [...]
The other day in Part I of this series I said I was going to write up some more articles about automating code review tools in your build process. Today I spent some time looking over CAT.NET and figuring out how it fits into my build process. CAT.NET is a static code analysis tools that [...]
The Connected Information Security Group blog at Microsoft recently published a couple of articles (part 1, part 2) about a tool recently released called CAT.NET. This is a static code analysis tool which reads a compiled programs code and looks for security problems such as null pointers, null references, and other problems specific to interpreted [...]
