Security Reviewer Suite is composed of:

...

Static Reviewer

Static Reviewer - Code Inspection is our SAST (Static Application Security Testing) product. Static Reviewer is not just another SAST tool. We provide a low-cost, accurate and super-fast tool, 52x faster than average AppSec tools, based on the most modern technologies (Machine Learning, new AI algorithms, our Blockchain), easily integrated into your DevOps, covering all vulnerability detection provided by our competitors (like Micro Focus Fortify™, CheckMarx™, HCL AppScan™, Veracode™, Kiuwan™, Corvallis Julia, Coverity™, SonarQube, etc.), and adding a further 100+ detection rules for each of the 40+ supported programming languages.

Beyond the SAST product, the Quality Reviewer module calculates 100+ Software Quality Metrics (McCabe, Mood, CK, Halstead, Cognitive Metrics, Composite Metrics, etc.). It is made of three modules: Software Quality Metrics, SQALE, Software Resilience Analysis (SRA) and Effort Estimation.

Quality Reviewer's Effort Estimation module measures and estimates the Time, Cost, Flow Complexity, Size and Maintainability of software projects, as well as Development Team Productivity, starting from source code. A fully configurable CISQ© Automated Function Points (AFP) feature is provided, as well as a modern software sizing algorithm called Average Programmer Profile Weights (APPW © 2009 by Logical Solutions), a successor to solid ancestor scientific methods such as COCOMO, REVIC, COSMIC-FFP and Backfired Function Points, which are also provided. Applying the Motorola© Six Sigma methodology and the QSM and Capers Jones (SRM) algorithms, Quality Reviewer, beyond providing traditional software sizing tools, produces more accurate results while being faster and simpler. By using the Effort Estimation plug-in, a project manager can get insight into a software development project within minutes, saving hours of browsing through the code.

Software Composition Analysis

...

Dynamic Reviewer

Dynamic Reviewer provides an easy-to-use, fully-integrated Dynamic Analysis tool. Its special lightweight PenTest features allow you to explore vulnerabilities in your Web Applications while keeping the software securely in your own hands, at your premises.

Mobile Reviewer

Mobile Reviewer is built on the software-as-a-service (SaaS) model, enabling enterprises to get on-demand security assessments of their Mobile Apps. It is able to scan both Android (Android C++ SDK, Java, Kotlin) and iOS apps (Objective-C, Objective-C++ and Swift), as well as legacy Windows Mobile apps.

Team Reviewer

Team Reviewer helps solve almost every problem related to Vulnerability Management and Tracking, as well as GDPR Compliance issues. It is able to run 3rd party SAST, IAST and DAST products, and to import results from a large number of tools.

It is the default Dashboard. It can collect all results from the entire Security Reviewer Suite.

...

Firmware Reviewer

Firmware Reviewer analyzes packed Firmware image files, Firmware archives and ROS containers, providing the following Compliance Reports: OWASP Top 10 IoT 2018, ENISA - Baseline Security Recommendations for IoT, NIST Security Feature Recommendations for IoT Devices, DCMS GOV.UK - Code of Practice for consumer IoT security, ETSI TS 103 645 V1.1.1 - Cyber Security for Consumer Internet of Things, BITAG - Broadband Internet Technical Advisory Group, SB-327 Information privacy: connected devices, CVE, CWE and CVSS.

...

Security Reviewer is an Italian startup company offering a new-concept Application Security suite based on the new Dynamic Syntax Tree algorithm and on some patents invented in 2001 by the former Scientific Manager, built on Machine Learning, for faster, more efficient and more accurate results. Security Reviewer started its path in app security in 2001. Its founders and the Scientific Manager worked together on applying classic security methodologies (OWASP, OSSTMM, CVSS notation) to Web apps and Mobile environments. Reverse Engineering experience on Windows, Linux, Mac OS X, iOS and Android apps made it possible to apply a new approach to Static and Dynamic analysis of Web and Mobile business or service apps. It found in an important Italian Government institution the trust to develop its first Code Inspection product: Static Reviewer – Static Application Security Testing (SAST). After 24 months of presence on the market, other customers, as well as our participation in some European Funding projects, pushed for all-round security of Web and Mobile channels, so Security Reviewer improved its offering by developing a suite of tools. Security Reviewer became a container of a bunch of Innovative Solutions:

...

Because we specifically design our products to work together on the same platform, there are several advantages for the user, including no double data entry, more cross-application features and faster processing speeds.

Security Reviewer does not rely on third-party vendors (except for some open source libraries); all our core software is made by us and is fully integrated.

COPYRIGHT (C) 2014-2021 2022 SECURITY REVIEWER SRL. ALL RIGHTS RESERVED.