Staff

Dr. Alexander von Rhein


… is a software quality consultant at CQSE GmbH. He received his doctorate from the University of Passau on the topics of software product lines and software analysis.

  • +49 159 04517754
  • rhein@cqse.eu

Blog Posts


Our mission at CQSE is to help customers improve the quality of their code. Our tool Teamscale checks source code and reports issues such as logical flaws, copy&paste programming and possible performance bottlenecks. However, there is one aspect of code quality that we have not addressed so far: code security. Code is secure if it cannot be used by an attacker to perform unintended, dangerous actions on the host system. For example, if an attacker inserts '; DROP TABLE Customers; in an input field, this might cause a system to delete the Customers table, a well-known »SQL Injection« attack. In this post, I will explain how new analyses in Teamscale can efficiently detect vulnerabilities for such attacks and report them to developers.
