Static Application Security Analyzer (SAST) for efficient detection of vulnerabilities and undeclared capabilities in both source and binary code
AppScreener is a convenient and understandable code analysis solution that allows you to control the security of the systems used in the company and prevent data leaks, as well as identify and fix code flaws at an early stage of development.
- World leader in the number of programming languages
- Can work without source code
The ability to analyze binary code and check mobile applications via a link in the App Store or Google Play
- Doesn’t require development experience
Intuitive interface and start scanning in a few clicks
- Certified Russian development
Certified by the FSTEC of Russia, included in the Unified Register of Domestic Software and complies with the requirements of OUD4
Solar appScreener analyzes both source code and binary code
- An internal representation of the code is built, on which static analysis algorithms are applied. If a binary code is analyzed, deobfuscation (unraveling) and decompilation of code sections with vulnerabilities is preliminarily applied.
- After that, the translation of vulnerabilities and NDV to the source code is carried out.
- The use of Fuzzy Logic Engine technology minimizes the number of false positives.
- The reporting system provides recommendations on how to fix vulnerabilities, undeclared capabilities, and how to configure WAF.
Facilities and Benefits:
- Independent analysis of application security without the involvement of developers
- Reducing information security risks for the company
- Obtaining a detailed description of detected vulnerabilities and clear recommendations for configuring WAF
- Control of application developers and contractors, as well as verification of legacy software
- Early detection and remediation of code vulnerabilities before the release of the application
- Reduced code development costs and accelerated application launch
- Convenient integration of code analysis into the secure development cycle (Secure SDLC)
- Improved code quality by reducing vulnerabilities and NDV in applications under development