Puma Scan is a software security Visual Studio extension that provides real time, continuous source code analysis as development teams write code. Vulnerabilities are immediately displayed in the development environment as spell check and compiler warnings, preventing security bugs from entering your applications.
SEC0115 System.Random does not provide cryptographically random numbers. Consider using the System.Security.Cryptography.RNGCryptoServiceProvider for random values used in a security context.
Is there anyway to supress the issue with #pragma or similar directive ? Problem is that I'm using random() for Monte Carlo routine in part of the app and it's definitely not security in this instance. These are just piling up masking things we really do need to assess and fix.
SEC0115 System.Random does not provide cryptographically random numbers. Consider using the System.Security.Cryptography.RNGCryptoServiceProvider for random values used in a security context.
Is there anyway to supress the issue with #pragma or similar directive ? Problem is that I'm using random() for Monte Carlo routine in part of the app and it's definitely not security in this instance. These are just piling up masking things we really do need to assess and fix.