Learn about Cargo Scan, the first interactive program analysis tool designed to help developers audit third-party Rust code, in this conference talk from PriSC 2025. Discover how researchers from UC San Diego and UC Davis developed a solution that takes advantage of Rust's type and module system to automatically analyze third-party crates and significantly reduce the manual audit burden. The presentation reveals that over 85% of the top 1,000 crates are safe to use without manual inspection, and demonstrates how Cargo Scan can reduce the auditing burden to a median of 13.2% of lines of code compared to auditing whole crates. The speakers also discuss how the tool can identify dangerous side effects that manual audits previously missed and that led to CVEs, making dependency security management more efficient for Rust developers.