Comprehensive dynamic analysis with IAST capability

Dynamic application security testing solution that provides powerful analytics and high usability

Latest technology support(HTML5, Ajax, etc)
Applying the latest technologies
  • Web application analysis using the latest technologies including HTML5, and Ajax
  • Reproduce vulnerability attack process by event
Automated detection
Automated detection of security vulnerabilities
  • Automatically crawls subdirectories information from a web application’s URL.
  • Detect security vulnerabilities from crawled URLs
  • Open source web library vulnerability analysis
Integrated with RASP, IAST capability
Interaction support
  • Interaction with Sparrow’s analytic solutions to overcome the limitation of conventional DAST technology
  • TrueScan(IAST module): Improve detection with IAST module
Compliance regulation
OWASP Top 10 2017
CWE
Key Feature
Web browser based user interface
Web-based user interface
  • Web-based user interface eliminates the need for installation and easy access via web browser
  • Centralized management of analysis results and sharing
Powerful analysis
Powerful analysis
  • Detect security vulnerabilities in web applications using browser event replay technology
  • Open source web library vulnerability analysis
IAST module
Interaction support
  • Overcome limitation of dynamic analysis via interaction with Sparrow SAST and RASP
  • IAST capability via TrueScan function
Customizable reports
Analysis reports
  • Easy to read report with clear vulnerability information and trends
  • Detailed reports with analysis methods, results, and solution for each vulnerability
Latest technology support(HTML5, Ajax, etc)
Analyze the latest web application technology
  • Web application analysis using the latest technologies such as HTML5, AJAX, etc
  • Vulnerability detection by reproducing various events that can be performed in the browser
User, role management
Multi-user optimized system
  • Set permissions and roles per user
  • Centralized management of analysis results and sharing among users
Use Case
Easy web application vulnerability diagnosis and remediation
Web based scan use case
Easy web application vulnerability scan
No tools needed and easy diagnosis via web browser
Vulnerability replay use case
Reproduce vulnerability detection
Identify the cause of the vulnerability by using the event clipboard
Implementation analysis use case
Detect and fix detected vulnerabilities
Quickly check whether the vulnerabilities are fixed using implementation analysis
How to purchase
On-Premises
Perpetual license, Basic (5 users, 1 concurrent analysis)
Supported Environment
Category Details
OS
Windows 7 or higher
Windows Server 2008 or higher
Redhat Linux 7 or higher
CentOS 7 or higher
Ubuntu 14.04 or higher
Debian 8 or higher
openSUSE 13.3 or higher
Fedora 24 or later
DB
PostgreSQL (Embedded)
Hardware Specification
Category Details
CPU
Quad Core 2.5GHz or faster
RAM
16GB or larger
HDD
300GB or larger