Our pre alpha release included a command line tool showcasing newer version of CAT.NET based on tainted data flow analysis engine using Phoenix compiler infrastructure. It also included a configuration analysis engine which was capable of identifying insecure configuration in .config files. We are actively working on the potential beta release of CAT.NET tool focusing mainly on the core analysis and user experience areas. Here is a quick update on changes.
Here is a list of FxCop CAT.NET data flow rules.
Here is a list of FxCop CAT.NET configuration rules.
With tighter integration with visual studio code analysis the changes are going to make it much more easier to use CAT.NET analysis to detect application level security issues.
Happy New Year!