Badges

55 Points
6 Years

User Activity

About 4 years ago
Answered a question: Which application security solutions include both vulnerability scans and quality checks?
My experience said there is no perfect all-in-one product doing its best for SAST, DAST and IAST together. If you're looking on Gartner-remarked products only, the most recent version of Micro Focus Fortify (today is 19.2.1) represents the best combination. If you are…
About 4 years ago
Answered a question: What is the biggest difference between Veracode and Checkmarx?
In order to run correctly, Veracode needs executables compiled with debug, that is not so different from having source code, but configuration files checking will be excluded from the analysis. The quality of detections of CheckMarx is superior, as well as the number of…
About 4 years ago
Answered a question: What is the biggest difference between Checkmarx and SonarQube?
SonarQube historically was focused on Code Quality and Best Practices. Recently the enterprise and data center versions provide some security vulnerabilities detection with OWASP compliance. This is not enough. If you are focused on Secure Coding, Checkmarx is much better…
Almost 6 years ago
Contributed a review of Veracode: Does software composition analysis, discovering open source software weaknesses
Almost 6 years ago
Commented on We use it to evaluate code from a security perspective as opposed to a developer’s perspective.
The weakest component of Fortify is SSC. Very difficult to customize, huge infrastructure to implement and maintain and costly
About 6 years ago
Contributed a review of Fortify on Demand: Saved us a lot of time as we focus primarily on programming rather than tool operational work
Experience
Other Skills
Security Reviewer
Following

Reviews

Veracode Logo
Almost 6 years ago
Veracode
Does software composition analysis, discovering open source software weaknesses
Fortify on Demand Logo
About 6 years ago
Fortify on Demand
Saved us a lot of time as we focus primarily on programming rather than tool operational work

Answers

About 4 years ago
Application Security Tools
Which application security solutions include both vulnerability scans and quality checks?
About 4 years ago
Application Security Tools
What is the biggest difference between Veracode and Checkmarx?
About 4 years ago
Application Security Tools
What is the biggest difference between Checkmarx and SonarQube?

Comments

Almost 6 years ago
Application Security Tools
We use it to evaluate code from a security perspective as opposed to a developer’s perspective.

About me

Academician of the National Academy of Sciences of Ukraine and formerly Professor in Taras Shevchenko National University of Kyiv, her life was reaserching about Computer's Physics and IT Business. She moved to UK in 2001, where now is Professor responbible of Enterprise Centre’in Online BitBrainery University . Her researches about Software Quality and Application Security using applied algorithms are currently used in some commercial Software tools

Education

Taras Shevchenko National University of Kyiv