C# developer in PVS-Studio team. Participates in development of the
core of the C# analyzer, also engaged in creation of new
diagnostics and DevOps-utilities.
Author of articles about opensource-projects checks.
In this talk I will tell about finding errors and weaknesses
(CWE) in code using static code analysis (SAST) that prevents their
transformation into vulnerabilities (CVE). I will give real examples.
