July 11, 2026

SmartDec Scanner #2: How to Track Vulnerabilities

SmartDec Scanner #2: How to Track Vulnerabilities

SmartDec Scanner #2: How to Track Vulnerabilities

Enterprise level security scanner is something completely new for the blockchain industry. The developers are not used to such kind of tools and don’t know how to integrate them in the development lifecycle. That’s why we decided to tell you about SmartDec Scanner in the series of articles.

Each article will be about a particular feature of our tool. By describing the feature and how to use it we will not only describe the tool itself but will also provide a kind of tutorial at the same time. This article’s topic will be vulnerability tracking.

If you use any other blockchain security tool (including our own SmartCheck, which analysis module is embedded into SmartDec Scanner), you are starting from scratch with every new scan. If you update the project and scan the code again, you will need to figure out:

  • which vulnerabilities are new and which were present previously
  • which vulnerabilities you have already analyzed and what have you decided (may be they are critical and you need to fix them, may be they are false positives and you should forget about them)

So, if you decide that some vulnerability does not endanger your code you need to reflect this fact in some hand made database, e.g. in Google Spreadsheets. You can do it manually or with a custom script, but you have to do it. Otherwise, anyone who will work with this code after you will need to repeat your work and check this vulnerability again.

Such workflow is possible when analyzing small projects, e.g. simple smart contracts. However, it is unacceptable for enterprise development, because very soon the spreadsheet will become a mess and maintaining it manually will consume a lot of resources. The situation becomes critical in case of code updates and rescanning.

That’s why SmartDec Scanner tracks all the vulnerabilities automatically. When you encounter the vulnerability for the first time, you can write a comment to it or delete it. The other developer will see your comment and will be able to continue your work, not redo it. If you rescan updated code SmartDec Scanner will automatically match the vulnerabilities. So, you will see the old comments. The deleted vulnerabilities will stay deleted. To better understand how it works, see the screenshot below.

Published at Tue, 03 Sep 2019 14:25:46 +0000

Bitcoin Pic Of The Moment
✅ This image from Marco Verch (trendingtopics) is available under Creative Commons 2.0. Please link to the original photo and the license. 📝 License for use outside of the Creative Commons is available by request.
By trendingtopics on 2019-03-21 00:37:09
tags

Previous Article

Dow Nosedives as Investors Brace for Market’s Worst Month of the Year

Next Article

Bitcoin Surge Obliterates $68 Million in BTC Shorts on BitMEX

You might be interested in …