Home > Fresh News > Application Inspector

Application Inspector

January 21st, 2020 Leave a comment Go to comments

Microsoft has recently announced an open-source application software source code analysis tool, Application Inspector. Modern software development practices often require building applications from hundreds of existing components, whether they were written by another team in the organization, an external vendor, or someone in the open-source community. Although this will bring many benefits, such as faster development progress, software quality, and interoperability, etc., it will also bring hidden complexity and risks.

In response to this situation, Microsoft introduced that its internally used tool is Application Inspector, which is a software feature source code analyzer. It can identify software source code features by using static analysis and a customizable json-based rule engine to understand the function of the program. (link)

Use cases of Microsoft Application Inspector

  • Identifying key changes made in a component’s feature over time to know about a potential a malicious backdoor or increased surface for attack.
  • To identify and scrutinize high-risk components and components with unexpected features

Using Microsoft Application Inspector is fairly easy as it is a cross-platform, command-line tool that produces output in multiple formats such as JSON and interactive HTML.

GitHub

Additional links

  1. No comments yet.
  1. No trackbacks yet.
You must be logged in to post a comment.