What it does

Lambda-Check is a CLI tool that can be used in a CI pipeline to check for third-party dependency vulnerabilities, thread safety issues, and segmentation/buffer faults.

How we built it

We built a Python backend that ingests CVEs from NIST and the GitHub Security Advisory Database and creates a unified API to search over all CVEs. Our CLI tool, written in Haskell, parses the files of the project to look for security vulnerabilities.

Challenges we ran into

Haskell uses a .cabal file to store dependencies, and we had to write a custom parser to extract the third-party packages. It was also difficult to convert all the CVE data formats into a single format for our API. We began the project trying to write our backend in Smalltalk, but decided to abandon it due to the faster development time of Python.
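As an added illustration of the .cabal dependency extraction described above (written here in Python; it is not Lambda-Check's Haskell parser), the sketch below collects every `build-depends` entry across stanzas, including multi-line fields and conditional blocks. The sample file and the names `cabal_dependencies` and `SAMPLE_CABAL` are constructed for this example.

```python
import re

FIELD = re.compile(r"^(\s*)([A-Za-z][\w-]*)\s*:\s*(.*)$")
PKG = re.compile(r"[A-Za-z0-9][A-Za-z0-9-]*")

# Constructed sample .cabal file (not taken from a real project).
SAMPLE_CABAL = """\
cabal-version: 2.4
name: demo-app

library
  build-depends:
      base >=4.14 && <5
    , aeson ^>=2.1
  -- , unused-package
    , text
  hs-source-dirs: src

executable demo
  Build-Depends: base, demo-app, http-client >=0.7
  if os(windows)
    build-depends: Win32 >=2.12
"""

def _record(deps, chunks):
    # Split one collected field on commas. Assumption: no brace version
    # sets such as "^>={1.0, 2.0}", whose inner commas would be split too.
    for entry in " ".join(chunks).split(","):
        entry = entry.strip()
        m = PKG.match(entry)
        if m:
            deps.setdefault(m.group(0), set()).add(entry[m.end():].strip() or "any")

def cabal_dependencies(text):
    """Map package name -> sorted version constraints from all build-depends fields."""
    deps, indent, chunks = {}, None, []
    for line in text.splitlines():
        stripped = line.strip()
        if not stripped or stripped.startswith("--"):
            continue  # blank lines and comment lines never contribute packages
        cur = len(line) - len(line.lstrip())
        if indent is not None and cur > indent:
            chunks.append(stripped)  # continuation: indented deeper than the field
            continue
        _record(deps, chunks)  # the field (if any) ended; store its entries
        indent, chunks = None, []
        m = FIELD.match(line)
        if m and m.group(2).lower() == "build-depends":  # field names are case-insensitive
            indent, chunks = len(m.group(1)), [m.group(3)]
    _record(deps, chunks)
    return {name: sorted(c) for name, c in deps.items()}

if __name__ == "__main__":
    for pkg, constraints in sorted(cabal_dependencies(SAMPLE_CABAL).items()):
        print(pkg, constraints)
```

The resulting package names and constraints are what a dependency checker would then look up against an advisory database.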

What we learned

We learned a ton about CVEs, thread-safe software, and functional programming with Haskell!

What's next for Lambda-Check

We will continue our database ingestion to keep our database of CVEs up to date. We will also make our API public so anyone can download the CLI tool and start using Lambda-Check.
