Page 1 of 1

Static analysis for security in PHP?

Posted: Tue May 10, 2016 4:57 am
by Peter Dawson
Do you use any static analysis tool for finding security flaws on PHP applications?

Re: Static analysis for security in PHP?

Posted: Tue May 10, 2016 7:28 pm
by Christopher
No, and probably only larger PHP developers or larger companies that use PHP would. I thinks some frameworks do. And I know that the PHP7 source has been analyzed.

Re: Static analysis for security in PHP?

Posted: Thu May 26, 2016 6:29 am
by Topanga
Do you know Kiuwan? I use to analyze my apps with it and it gives a lot of metrics and it has specific rules for PHP. Check out:
https://www.kiuwan.com/php-software-analytics/