WebRATS is an homage to RATS, a tool to scan code, flag the
use of dangerous APIs, identify hazards, and provide secure
coding alternatives (RATS was originally created by Secure
Software). WebRATS is intended for today's web-enabled, distributed
development methodologies. It was designed to integrate
transparently into ordinary code review using modern web browsers.
By simply adding a few lines of script to the relevant code review
web application, security-sensitive API usage will be highlighted
in a style similar to inline spell checking, with risks and
suggestions available in mouseover tooltips.

Organizations that already use a web-based code review tool can
add WebRATS functionality to easily provide ambient security
information to developers, exactly in the moment and context in
which it can be most useful: when they are already in the mindset
and process of reviewing code and making bug fixes.
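
The highlighting described above, sketched as an added example (not WebRATS's own code): it scans review text for calls to flagged functions and wraps each one in a span whose tooltip carries the risk and the suggested alternative. The rule table, the `rats-flag` class name and the sample input are constructed for illustration.

```javascript
// Constructed rule table for illustration; not WebRATS's actual rule set.
const RULES = {
  gets: { risk: "No bounds check on input", fix: "Use fgets() with the buffer size" },
  strcpy: { risk: "Can overflow the destination", fix: "Use a bounded copy and check for truncation" },
  sprintf: { risk: "Can overflow the destination", fix: "Use snprintf() with the buffer size" },
  system: { risk: "Runs a shell on its argument", fix: "Use execve() with an argument vector" },
};

// Constructed sample of code under review.
const SAMPLE = [
  "char buf[16];",
  "if (n < 16 && argv[1]) strcpy(buf, argv[1]);",
  'my_strcpy(buf, "<b>");',
].join("\n");

const ESCAPES = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };

// The reviewed code is untrusted text: escape it before it becomes markup,
// otherwise the annotator itself turns a diff into script injection.
function escapeHtml(text) {
  return text.replace(/[&<>"']/g, (ch) => ESCAPES[ch]);
}

// Lexical match only: a flagged name followed by "(" and not part of a longer
// identifier. Calls inside comments or strings are flagged too.
function findHits(source, rules = RULES) {
  const pattern = new RegExp(`\\b(${Object.keys(rules).join("|")})(?=\\s*\\()`, "g");
  return [...source.matchAll(pattern)].map((m) => ({ name: m[1], index: m.index }));
}

// Wrap each hit in a span whose title attribute carries the risk and the
// suggested alternative (the mouseover tooltip). A stylesheet rule such as
// `.rats-flag { text-decoration: underline wavy red; }` gives the
// spell-check look.
function annotate(source, rules = RULES) {
  let html = "";
  let cursor = 0;
  for (const { name, index } of findHits(source, rules)) {
    const tip = escapeHtml(`${rules[name].risk}. ${rules[name].fix}.`);
    html += escapeHtml(source.slice(cursor, index));
    html += `<span class="rats-flag" title="${tip}">${escapeHtml(name)}</span>`;
    cursor = index + name.length;
  }
  return html + escapeHtml(source.slice(cursor));
}

console.log(annotate(SAMPLE));
```

In a browser the returned string would replace the contents of the element holding the reviewed code; because every piece of source text passes through `escapeHtml`, markup inside the code under review stays inert.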