Alex Thottunkel
Articles
Recent activity by Alex Thottunkel
CAST HIGHLIGHT - Results - SCA - Ruby - How to avoid false positives with ruby dependencies
Results for dependencies may show false positives for Ruby. For instance, when the scan is checking for a Ruby dependency greater than version x.y.z, the scan uses x.y.z which has vulnerabilities even t...
-
CAST HIGHLIGHT - Green Impact Survey - Submit process is failing for applications
The Submit process after the completion of the Green Impact Survey for portfolio failed. Workarounds: The failure occurs when the campaign dates are the same. There are two workarounds to solve...
-
CAST HIGHLIGHT - Results - SQL - SQL technologies which are not there in the applications analyzed are detected
False positive: smaller portions of code are identified as SQL technologies like MariaDB, DB2 and PostgreSQL, which are not used in any of the applications analyzed. Details and Workaround: For SQL techn...
-
CAST HIGHLIGHT - SCA - Component Security value changes though there is no change in the component CVEs nor in the component version numbers
The Component Security value in Software Composition changes between two snapshots without any change in the component CVEs or in the component version numbers. That is, values must remain the same in ...
-
CAST HIGHLIGHT - Analysis - Ruby - All the ruby code is not getting analyzed
CAST Highlight shows 1% of Ruby and 95% of TypeScript and JavaScript. However, according to the user, Ruby code should constitute the majority of the codebase. Some components for Ruby are seen in the un...
-
CAST Console - How to onboard an application with Fast Scan
The main goal of onboarding with Fast Scan workflow is to get visibility about the contents of the source code, inspect it and correct it if necessary, before it is sent for analysis. This ensures...
-
CAST HIGHLIGHT - Analyzer - Framework files, DLL's by themselves are not analyzed
Dependency files like DLLs, framework files and third-party libraries are not analyzed by themselves. The dependency files are reported but not analyzed. In the BinaryLibraries.csv - the DLLs are re...
-
CAST HIGHLIGHT - Results Upload - CLI - "Unauthorized: 401"
The upload step is not working and an error "Unauthorized: 401" is generated. Detail: Make sure that the credentials being used are correct, as this is normally the case for a 401 error. Make sure that y...
-
CAST HIGHLIGHT - Analyzer - What does "Abort Wrapped minified file" in the logs indicate?
In the Highlight logs, the message "Abort : Wrapped: minified file" is seen, e.g. "Abort : Wrapped: minified file (ratio=80.4155220396804)". Details: Basically it means the file is too small. Minified files...
-
CAST Console - How to onboard an application without Fast Scan using the Standard onboarding method?
Standard onboarding follows the legacy onboarding workflow where source code is delivered and then immediately analyzed and results published to CAST Imaging/CAST Dashboards. Re-analysis is then po...