...

In 2023 we launched Cloud Reviewer, our SaaS version of Static Reviewer (SAST), SCA Reviewer and Dynamic Reviewer (DAST), and optionally Mobile Reviewer (MAST) and Firmware Reviewer, integrated with a Vulnerability Management system based on Team Reviewer and fully browser-based. It provides real advantages over on-premises solutions. There is no hardware to purchase or software to maintain, and no additional staff to manage your security solutions.

...

Cloud Reviewer can be deployed right away, and delivers results immediately to let you begin building ROI on day one. You have different options for preserving the access to your code. Cloud Reviewer is also constantly improving as the threat landscape evolves, helping to keep your defenses up to date without needing to constantly upgrade on-premises technology.

You can integrate Cloud Reviewer into your DevOps, using the Remote Scan, IDE Integration and Git Repository Integration features.

We have an agreement with some IaaS providers, in order to cover all the IT business Data Center locations worldwide. No hidden costs typical of Cloud solutions, and no AWS, Azure or Google dependencies.

Static Reviewer

v6.00.03

Reserved for Customers with Enterprise Unlimited licences. Volume licensing Customers must use version 5.01.04.

See the Release Notes

Our flagship product, Static Reviewer, is available as Desktop, CLI, CI/CD plugin, IDE plugin and Cloud Reviewer plugin. It is also available as a package of Docker images.

...

Green Software

...

Cloud-Ready

...

v5.01.04

Volume licensing Customers must use this version.

See the Release Notes

  • Multilingual version: English, Italian, Spanish, German, Simplified Chinese, Ukrainian and Russian. A translation kit is available

  • Scan Rules:

    • 90+ new Rules for ABAP programming language, 50+ new Rules for JAVA, 30+ new Rules for .NET

    • 30+ Rules for Natural and Oracle APEX

    • 200+ new Rules for Terraform, CloudFormation, Ansible Tasks, GitHub Actions, Dockerfile, Kubernetes

    • 20+ new Rules for Azure, Amazon AWS and Google Cloud

    • 20+ new Rules for Mobile

  • Support for Business SAP Pages, Lua, and Perl programming languages

  • Configurable Source Code Editor: Added Atom support. gedit, Notepad++, Sublime Text, Visual Studio Code, PSPad are also natively supported.

  • Tags field was added to Version-Engagement

  • Analyses can be searched by Application-Product, Auditor, and Tag

  • Settings can be filtered by Severity

  • Suppress Files feature has been enhanced

  • Enhanced compatibility checks during Incremental Analysis

  • New Analysis Options for storing Desktop preferences, such as ‘Paging’, ‘Show FP/AR’ and ‘Group by’

  • Enhancements to Accepted Risk, False Positives and Exclusion List inside Reports

  • New Report sections named ‘Analysis Options’ and ‘Languages Options’

  • Enhanced What If feature in Risk Indicators

  • Configurable Remediation Staff for Risk Indicators

  • Set as FP on Condition: mark all Findings matching a pattern as False Positives

...

  • Windows, Linux and macOS native versions based on .NET Core 7

  • Enhanced CLI: new arguments for SRCheck and SRsetOPT. New commands SRRulesAMR, SRExclusionsAMR, SRParamsAMR. New commands for IDE Plugins.

  • New Remote Scan CLI (TRScan)

  • New Findings: ISO 5055, Green Software, Cloud-Ready, Resilience (to be purchased separately). They can be audited both in Desktop and Team Reviewer

  • Support for CWE 4.9

  • Support for PCI-DSS v.4.0

SCA Reviewer

v6.00.03

Reserved for Customers with Enterprise Unlimited licences. Volume licensing Customers must use version 5.01.04.

See the Release Notes

Our Software Composition Analysis tool, named SCA Reviewer, provides full coverage for the analysis of third-party libraries, frameworks and scripts. It is released as Desktop, CLI, CI/CD plugin and Cloud Reviewer plugin, and is also available as a package of Docker images.

...

  • Support for <modules> in pom.xml

  • Support for Java 22

  • Docker version, portable to any host

v5.01.04

Volume licensing Customers must use this version.

See the Release Notes

  • Multilingual version: English, Italian, Spanish, Simplified Chinese and Russian. A translation kit is available

  • Custom Blacklists, both for Licenses and Libraries, controlled by the User

  • New Scan Policies for Outdated Libraries, Discontinued Libraries, Malware Detection, Ransomware Detection

  • Offline Mode (no Internet connection is required; the Vulnerabilities DB can be updated on a different machine and transferred to the local machine via the internal network)

  • New Filters in Findings:

...

  • New Web UI, based on Team Reviewer, inheriting Performance, Scalability, Monitoring, Logging and Multi-Tenancy

  • Dynamic Reviewer findings directly managed by Team Reviewer

  • WhiteBox Mode

  • Host Scanning

  • Multi-target URIs

  • Different kinds of Connections to the target (Direct, Proxy, SSH-Tunnelling)

  • Docker version, portable to any host

Team Reviewer

v5

Reserved for Customers with Enterprise Unlimited licences. Volume licensing Customers must use Cloud Reviewer.

See Release Notes

  • Multi-Tenant enhancements

  • Enhanced User Groups hierarchy

  • New SAST Server Plugin, SCA Server Plugin, DAST Server Plugin (to be purchased separately)

  • Remote SAST scanning support for IDE plugins (to be purchased separately)

  • New Risk Indicators: ISO 5055, Cloud-Ready, Green Software (to be purchased separately)

  • Code Alerting System (CAS) (to be purchased separately)

  • CAS Update Framework (to be purchased separately)

  • Integration to SecureFlag live training platform (to be purchased separately)

  • Docker version, portable to any host

...