Microsoft Application Inspector

What is Microsoft Application Inspector?

The Application Inspector is a source code analyzer designed to provide a comprehensive understanding of the features and characteristics within a codebase. Unlike traditional static analysis tools, it does not aim to identify "good" or "bad" patterns, but rather focuses on surfacing a wide range of features, including those related to security, using a JSON-based rules engine with over 400 rule patterns

Highlights

• Feature detection: The tool is capable of detecting a diverse set of features and characteristics within the source code, enabling users to understand the composition and capabilities of the codebase
• Security-focused analysis: The tool is capable of identifying the use of cryptography and other security-related features, providing valuable insights for evaluating the security posture of the code
• Reduces time for component evaluation: By directly examining the source code, the tool can help users quickly determine the functionality and capabilities of Open Source or other components, reducing the time needed to assess them
• Flexible rules engine: The tool's JSON-based rules engine allows for the customization and expansion of the detection capabilities, enabling users to adapt the analysis to their specific needs.