Intelligent static application security testing solution

Find and fix security vulnerabilities at the speed of DevOps.

프로그램 및 점검항목 지원
Languages & compliance
  • Support over 20 languages including Java, JSP, C/C++, C#, Python, Swift, ASP(.NET), ABAP, Object C, etc.
  • Complies with global security compliances guides and standards
다양한 정적분석 기술 지원
Fast & accurate analysis
  • MVC structure analysis, associated file analysis, and analysis of function call relationship in various levels
  • Incremental analysis: Minimize analysis time by only analyzing newly added, modified files and their associated files
  • Interact with other Sparrow AST solutions (DAST, RASP) to identify correlation among vulnerabilities and improve search results
스마트 애플리케이션 분석 기술
Advanced manageability
  • Issue navigator to track and follow vulnerabilities from its origin to actual code
  • Automated real source code correction guide
  • Automated classification of vulnerabilities
가트너 매직 쿼드런트 등재
CC 인증
ISO26262 인증
InfoSecurity 수상
OWASP 벤치마크 스코어
Compliance regulation
CWE
OWASP
CERT
MISRA C/C++
MSSC C/C++
HIC C++ and more
Key Feature
웹기반 통합 관리
Web-based centralized management
  • Dashboard for analysis result management and statistics
  • Centralized rule (Checker) management based on information including risk levels, option and other.
형상관리, 이관제어, 개발 IDE, 빌드 도구와의 연동 지원
Integration
  • Transfer control via integration with source code version control systems
  • Automated management via integration with Build Management Tool (Continuous Integration) and Issue Tracking System (ITS)
  • By interacting with DAST and RASP, detect vulnerability during program operation to improve vulnerability detection
강력한 관리 기능
Dashboard and statistics
  • Dashboard offers various information including analysis, detection issues, risk levels, projects, etc.
  • History and trend of analysis results by period
  • Provides statistics by project, by user and by compliances
고객 친화 맞춤형 보고서 제공
Customizable report
  • Edit project summary, analysis file information, results by risk levels, etc.
  • Reports (PDF, Excel, Word, HWP)
결과 및 이력 관리
Analysis history management
  • Automatically differentiate new issues from old issues
  • Automatic identification of existing detection result status even if source code line changes
  • Prevent tempering and unauthorized use via exception request/approval process
다양한 분석 기술 지원
Analysis methods
  • Easy to use GUI that enables analysis with a simple click
  • CLI that enables batch and scheduling analysis
  • Plugin that can be installed in development IDE to enable analysis and result checking
  • Simple drag and drop analysis via web management system without separate client program
Use Case
Flexible integration with process and development environment
Integration with developer IDEs
Integration with version control systems
Integration with build systems
How to purchase
On-Premises
Perpetual license, Basic (5 Users)
Supported Environment
Category Details
Server OS
Windows Server 2000 or higher
Ubuntu 8.04 or higher
Redhat Linux 5 or higher
Fedora 8 or higher
CentOS 5 or higher
DB
PostgreSQL (Embedded)
Client OS
Windows XP or higher
Ubuntu 8.04 or higher
Redhat Linux 5 or higher
Fedora 8 or higher
CentOS 5 or higher
AIX 5.1 or higher
HP_UX 11.x or higher
SUN_OS 5.6 or higher
MAC_OS 10.6 or higher
Plug in
Eclipse (3.2 or higher)
Visual Studio (2005~2015)
Proframe Studio
IntelliJ, Android Studio
Eclipse Based Tool (IBM RAD etc.)
Language
Support Unicode
Multilingual UI support (English / Japanese / Korean)
Hardware Specification
Category Details
Server Client
CPU
Quad Core 2.5GHz or faster
Dual Core 2GHz or faster
RAM
16GB or larger
2GB or larger
HDD
300GB or larger
500MB + (2 * Size of source code)
Other supported Environment
Category Details
Languages
  • C/C++
  • Android Java
  • Java
  • Objective-C
  • JSP
  • HTML
  • C#
  • SQL
  • XML
  • ABAP
  • PHP
  • ASP.NET
  • Python
  • VB.NET
  • Swift
  • Javascript
  • Apex
  • VBScript
  • Visualforce
  • XSL
  • etc.
Framework
Java: Spring Framework, iBATIS, MyBatis, Struts2, eGovernment Framework
C: Tmax Proframe
C#: ASP.NET MVC