Comprehensive dynamic analysis with IAST capability

Dynamic application security testing solution that provides powerful analytics and high usability

다양한 최신 기술 지원(HTML5, Ajax 등)
Applying the latest technologies
  • Web application analysis using the latest technologies including HTML5, and Ajax
  • Reproduce vulnerability attack process by event
웹 취약점 자동 검출
Automated detection of security vulnerabilities
  • Automatically crawls subdirectories information from a web application’s URL.
  • Detect security vulnerabilities from crawled URLs
  • Open source web library vulnerability analysis
애플리케이션 도구간 상호작용 지원
Interaction support
  • Interaction with Sparrow’s analytic solutions to overcome the limitation of conventional DAST technology
  • TrueScan(IAST module): Improve detection with IAST module
Compliance regulation
OWASP Top 10 2017
CWE
Key Feature
웹기반 통합 관리
Web-based user interface
  • Web-based user interface eliminates the need for installation and easy access via web browser
  • Centralized management of analysis results and sharing
강력한 동적 분석 능력
Powerful analysis
  • Detect security vulnerabilities in web applications using browser event replay technology
  • Open source web library vulnerability analysis
다양한 도구간 상화작용 지원
Interaction support
  • Overcome limitation of dynamic analysis via interaction with Sparrow SAST and RASP
  • IAST capability via TrueScan function
편리한 분석 보고서 제공
Analysis reports
  • Easy to read report with clear vulnerability information and trends
  • Detailed reports with analysis methods, results, and solution for each vulnerability
웹 애플리케이션 분석 기능
Analyze the latest web application technology
  • Web application analysis using the latest technologies such as HTML5, AJAX, etc
  • Vulnerability detection by reproducing various events that can be performed in the browser
사용자 관리 기능
Multi-user optimized system
  • Set permissions and roles per user
  • Centralized management of analysis results and sharing among users
Use Case
Easy web application vulnerability diagnosis and remediation
Easy web application vulnerability scan
No tools needed and easy diagnosis via web browser
Reproduce vulnerability detection
Identify the cause of the vulnerability by using the event clipboard
Detect and fix detected vulnerabilities
Quickly check whether the vulnerabilities are fixed using implementation analysis
How to purchase
On-Premises
Annual license, Basic (5 users, 1 concurrent analysis)
Supported Environment
Category Details
OS
Windows 7 or higher
Windows Server 2008 or higher
Redhat Linux 7 or higher
CentOS 7 or higher
Ubuntu 14.04 or higher
Debian 8 or higher
openSUSE 13.3 or higher
Fedora 24 or later
DB
PostgreSQL (Embedded)
Hardware Specification
Category Details
CPU
Quad Core 2.5GHz or faster
RAM
16GB or larger
HDD
300GB or larger