Meet the tool that automatically infers #security vulnerabilities in #python code
▻https://hackernoon.com/meet-the-tool-that-automatically-infers-security-vulnerabilities-in-pyth
TL;DRIn January 2019 we released a tool that significantly raises the bar for detecting security vulnerabilities in Python code. We built a fully automated system that couples data flow analysis algorithms with a novel ML component and detects many more new security issues than traditional approaches. After running it on several Open Source repositories, we found and reported 35 critical security vulnerabilities from the OWASP Top Ten list. Here’s a motivating screenshot that shows one of them:One of the XSS vulnerabilities that we found and reportedThe interest towards Information Security and, in particular Web Applications security, is steadily growing over the past years. Unfortunately so does the threat level posed by security vulnerabilities that are silently awaiting to be (...)