Good to see Govulncheck doing a vulnerable methods analysis for surfacing only t... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		codelion on Sept 6, 2022 \| parent \| context \| favorite \| on: Vulnerability Management for Go Good to see Govulncheck doing a vulnerable methods analysis for surfacing only the relevant issues. Many app sec vendors do it now for languages like Java and .NET. I originally created the vulnerable methods analysis back in 2015 - https://www.veracode.com/blog/managing-appsec/vulnerable-met... the same idea has been now implemented by WhiteSource (Mend), Snyk etc.

seth123456 on Sept 6, 2022 [–]

The great thing is that when it becomes part of the toolchain it will also be available for the latest version of go as it is released.

Right now veracode is stuck at go 1.17 support - maybe this will also help being up to date for such vendors more easily

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact