Dr. Alexander von Rhein

… is a consultant for software quality at CQSE GmbH. He received his doctorate on the topics of software product lines and software analysis at the University of Passau.

  • +49 159 04517754

Blog Posts

Our mission at CQSE is to help customers improve the quality of their code. Our tool Teamscale checks source code and reports issues such as logical flaws, copy&paste programming and possible performance bottlenecks. However, there is one aspect of code quality that we have not addressed so far: code security. Code is secure if it cannot be used by an attacker to perform unintended, dangerous actions on the host system. For example, if an attacker inserts '; DROP TABLE Customers; in an input field, this might cause a system to delete the Customers table—a well-known »SQL Injection« attack. In this post, I will explain how new analyses in Teamscale can efficiently detect vulnerabilities for such attacks and report them to developers.