cat .net
-
Tuesday, April 24, 2012 10:15 AMIs cat .net is for only identifying common security flaws in managed code if not then what is need for fxCop,can't we identify security flaws using FxCop.
All Replies
-
Tuesday, April 24, 2012 11:41 AM
CAT.NET is using the same engine as FxCop to identify security flaws. They're just not included in the FXCop rules by default.
So, yes you can identify security issues with FxCop. CAT.NET is just another tool created specifically for these cases.
My blog: blog.jessehouwing.nl
- Marked As Answer by Rohit Binjola Wednesday, April 25, 2012 9:52 AM
-
Wednesday, April 25, 2012 9:52 AMtHANKS FOR THE ANSWER IT HELPED ME ALOT CAN YOU TELL ME HOW TO INTEGRATE CAT .NET RULES WITH FXCOP or HOW TO USE CAT .NET......
-
Wednesday, April 25, 2012 11:20 AM
See my blog post http://blog.jessehouwing.nl/2011/07/code-analysis-in-visual-studio-2010-for.html:
I didn't end up rebuilding CAT.NET 1.1, as it is a lot more extensive. There are a few posts on how to create your own MsBuild tasks to run it, but it's also very easy to change the add-in (which was originally built for Visual Studio 2005 and 2008) to work on Visual Studio 2010. This doesn't integrate into Visual Studio as tightly as you might want, and I've had a few issues with 32bit/64bit versions of CAT.NET and MsBuild.
Also, check out AntAlpha's post on how to suppress CAT.NET Messages in code.CAT.NET 2.0 was partially built, but never released.CAT.NET has been on the low end of the budgetary end for the past 2 years it seems:
http://blogs.msdn.com/b/securitytools/My blog: blog.jessehouwing.nl
