Through the onboarding process, we realized there is an opportunity to release our developer environment setup as a guide for the community.

LunaSec Community

Thanks <@U02CRL6JD09>. I thought the were tools om the network level.

Yes please, if you can share those tools for checking source code, it's gonna be helpful. Thanks

There are some resources you can use linked in our blog post on Text4Shell: <https://www.lunasec.io/docs/blog/text4shell-java-rce-cve-2022-42889/#additional-resources>

Specifically the JFrog tools are likely the best because they are doing some type of source code analysis to determine if the code usage is actually vulnerable or not.

Our tool, LunaTrace, does something similar but only for JavaScript currently. Java is it's own beast to tackle and we're not there yet (we're 4 people currently).