[erlang-questions] Security scanning tools for Erlang?
Thu Oct 27 07:38:40 CEST 2016
Erlang itself does.
But unless your own apps have C code, it's typically out of scope of these "your application must be scanned by a static analyser" type requirements. And if there was C in this discussion, we wouldn't have an issue with Fortify being unacceptable.
From: Sergej Jurečko <sergej.jurecko@REDACTED>
Sent: Thursday, 27 October 2016 4:23:22 PM
Subject: Re: [erlang-questions] Security scanning tools for Erlang?
On 27 Oct 2016, at 07:15, Technion <technion@REDACTED<mailto:technion@REDACTED>> wrote:
I think the difficulty here is defining what such a tool would ever evaluate.
Erlang is memory safe, so the myriad of tooling for C just doesn't make sense.
Erlang runs on top of a large amount of C code.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the erlang-questions