MISRA C: struggle for code quality and security https://pvs-studio.com/en/blog/posts/cpp/0866/

Creating Roslyn API-based static analyzer for C# https://pvs-studio.com/en/blog/posts/csharp/0867/

Why we need dynamic code analysis: the example of the PVS-Studio project https://pvs-studio.com/en/blog/posts/cpp/0868/

Applications that use unverified data are often vulnerable to a wide variety of attacks: SQL Injection, XSS, Path Traversal, etc. Taint analysis is a technology that helps detect potential vulnerabilities caused by the use of unverified data.

In this video, we'll talk about how taint analysis works and how it can help you keep applications secure.

https://t.co/eFwDQWXD1L?amp=1

CWE Top 25 2021. What is it, what is it for and how is it useful for static analysis? https://pvs-studio.com/en/blog/posts/0869/

Rob and Jason are joined by Amir Kirsh and Avi Lachmish from Incredibuild. They first discuss Idle, a new C++ framework, the September ISO mailing and an Algorithm Intuition Chart. Then they talk to Amir and Avi about the recent CoreCpp conference, Bjarne’s keynote and other talks from the conference.
https://cppcast.com/corecpp-amir-avi/

The software development intensifies from year to year. That's why developers often need various 'assistants' - programs that control code quality. Such assistants include static code analyzers that can find and fix flawed code (bugs, typos, vulnerabilities) at the early stages of development.

This article is a brief overview on popular static analyzers for Java code.

https://dzone.com/articles/protect-your-code-from-bugs-an-overview-of-five-st

Rob and Jason are joined by Remi Coulom from Kayufu. They first discuss another blog posts about the ongoing ABI problems in C++ and another on common mistakes with comparison functions. Then they talk to Remi about Joedb, the Journal-Only Embedded Database.
https://cppcast.com/joedb/

Text broadcast of CppCast 293: One Lone Coder https://pvs-studio.com/en/blog/posts/cpp/0870/

Detecting errors in the LLVM release 13.0.0 https://pvs-studio.com/en/blog/posts/cpp/0871/

PVS-Studio 7.15: MISRA, CWE, OWASP, Unreal Engine https://pvs-studio.com/en/blog/posts/0872/

No project is perfect - whichever open-source project you examine, you can find a bug, or two - or... Welcome to our new video series where we study cases like this one.
Let's start with MuseScore: we downloaded and inspected the project's source code. Now sit back and relax while we talk about the peculiar code fragments we found.

https://www.youtube.com/watch?v=SAVbpFTj81I

C++ tools evolution: static code analyzers https://pvs-studio.com/en/blog/posts/cpp/0873/

Rob and Jason are joined by Brandon Duick and Billy Sisson from Exyn Technologies. They first discuss the upcoming CppCon hybrid conference and a new tuple library for C++20. Then they talk to Brandon and Billy about the autonomous UAS/Drone software they work on at Exyn Technologies.
https://cppcast.com/autonomous-uas/

How to check code for compliance with OWASP ASVS using PVS-Studio https://pvs-studio.com/en/blog/posts/0874/

Rob and Jason are joined by Joël Falcou and Denis Yaroshevskiy. They first talk about the 6.2 release of Qt and the range-based for loop bug that won’t be getting fixed in C++23. Then they talk to Joel and Denis about EVE, a C++20 SIMD library that evolved from Boost.SIMD. https://cppcast.com/eve/

What's new in C# 10: overview https://pvs-studio.com/en/blog/posts/csharp/0875/

OWASP Top Ten and Software Composition Analysis (SCA) https://pvs-studio.com/en/blog/posts/csharp/0876/

How we sympathize with a question on StackOverflow but keep silent https://pvs-studio.com/en/blog/posts/cpp/0877/

When you are just starting to learn how to code, sometimes you may need practical tips from more experienced developers. What is a best practice for a specific scenario? What do you need to avoid? How to write better code? We took it upon us to help you out. Here's a selection of 8 tips for beginner C++ developers.

https://www.youtube.com/watch?v=KvCmvcnOJdo