[erlang-questions] Security scanning tools for Erlang?
Technion
technion@REDACTED
Thu Oct 27 07:38:40 CEST 2016
Hi,
Erlang itself does.
But unless your own apps have C code, it's typically out of scope of these "your application must be scanned by a static analyser" type requirements. And if there was C in this discussion, we wouldn't have an issue with Fortify being unacceptable.
________________________________
From: Sergej Jurečko <sergej.jurecko@REDACTED>
Sent: Thursday, 27 October 2016 4:23:22 PM
To: Technion
Cc: erlang-questions
Subject: Re: [erlang-questions] Security scanning tools for Erlang?
On 27 Oct 2016, at 07:15, Technion <technion@REDACTED<mailto:technion@REDACTED>> wrote:
I think the difficulty here is defining what such a tool would ever evaluate.
Erlang is memory safe, so the myriad of tooling for C just doesn't make sense.
Erlang runs on top of a large amount of C code.
regards,
Sergej
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://erlang.org/pipermail/erlang-questions/attachments/20161027/d2c3c3b2/attachment.htm>
More information about the erlang-questions
mailing list