Search
English Korean Japanese Partner Portal Contact Us Location
navigation
< >

Sparrow SCE - Build Security into the Software

Last updated

Feb 23, 2015

Share this content


Sparrow SAST detects security weaknesses in source code with its semantic based static program analysis engine
History has proven that defects, bugs and flaws in software have consistently been the leading cause of security vulnerabilities. If developers can pinpoint this insecure code and correct it before deployment, the chances of these security vulnerabilities causing problems can be reduced or eliminated.

Sparrow SAST (Static Application Security Testing) tool not only detects security vulnerabilities through the best static analysis engine based on semantic and syntactic methods, it also follows a strict set of compliance requirements and follows CWE, OWASP, CERT and other international standards.

Sparrow SAST applies the best technology to the most optimal diagnostic tool
  • Uses the latest semantic based static analysis tool
  • Provides both semantic and syntactic engines to increase detection for security vulnerabilities and decrease or eliminate the number of defects, bugs and flaws in software
  • Meets compliance requirements and detects fatal errors identified by international standards for coding
Sparrow SAST can help you defend against threats of cyber terrorism
Cyber-attacks typically target network weaknesses causing organizations to protect themselves with firewalls, intrusion prevention systems, and similar tools. Current cyber-attacks target weaknesses in the software organizations develop and use. It is difficult to stop malware related attacks after software has been developed. SPARROW SAST lets you virtually eliminate these attacks before the software is developed by detecting all security vulnerabilities in the source code.

Meeting secure coding compliance requirements
Most organizations and regulations now demand that developers follow secure coding compliance requirements for software development. This is in reaction to major incidents of cyber terrorism all over the world. SPARROW SCE can detect security vulnerabilities in your software and meet the compliance regulations and requirements before releasing the software.

SPARROW SAST also detects some of the top weaknesses identified by international standard organizations such as the CWC/SANS Top 25, OWASP Top 10, and CERT. Fasoo helps developers reduce or eliminate these coding errors before they are deployed.
  • CWE/SANS Top 25 Most Dangerous Software Errors GO
  • CERT Secure Coding GO
  • OWASP Top 10 GO
Reduce the amount of detection time and lower the cost of security vulnerabilities
According to NIST, if organizations detect and remove security weaknesses before completing development, they can reduce a maximum of 30 times of the expense compared to finding and removing security weaknesses after development. The use of a semantic-based static analysis tool, such as SPARROW SAST, is the only way to detect all of these security weaknesses within the source code before it is released.

Establishes a practice of making security a priority in software development
When SPARROW SAST is applied to secure coding, you create a safe and efficient software development environment. Checking source code for security vulnerabilities at an early stage of development improves all areas of security for an organization, since it will use defect and error free software.

[Source: http://blog.typemock.com/wp-content/uploads/2012/07/Infographic-The-Severity-of-Bugs-Are-We-Doomed.pdf]

(USA) +1-732-955-2333   (Global) +82-2-300-9102 Product Inquiry

Resources

    No Resource