SAST - Static Application Security Testing
...
Static Reviewer and Quality Reviewer, released in the Security Reviewer Suite, are provided both On Premise (Desktop, CI Plugins, Maven / Gradle / SBT / SonarQube Plugins, Ant Task and CLI Interface tested with many CI/CD platforms) and in Cloud (our Web App offered in an high-performance European or American Secured Cloud Infrastructure), as Container (Docker, Kubernetes, OpenShift or any other APPC-compliant). Static Reviewer executes code checks according most relevant Secure Coding Standards for commonly used Programming Languages. It offers a unique, full integration between Static Analysis (SAST), Software Composition Analysis and DAST (Dynamic) analysis, directly inside Programmers IDE.
...
SCM Integrations
You can directly checkout (push) source code from the following SCM platforms:
SubVersion (SVN)
IBM Rational ClearCase
Perforce
Mercurial
AccuRev
The source code will be stored temporary in an encrypted folder and loaded in a secure buffer.
Analysis Results can be stored in the above SCM platforms.
You can do that using our Jenkins plugin or directly from our Desktop app.
File Servers
All our products can work accessing files on local file system, as well as the following File Sharing Systems:
...
Oracle MySQL 5.6 or higher
Oracle Database RAC 12 or newer (includes Oracle APEX)
Microsoft SQL Server 2012 or newer
PostgreSQL 9.0 and higher
Alpine H2 1.4.196 or newer
MariaDB 10.x
| Anchor | ||||
|---|---|---|---|---|
|
...
Requests and Responses log. Our CI Plugins rely on your CI Platform for this kind of logging. See: https://jenkins.io/doc/pipeline/steps/http_request/ and https://confluence.atlassian.com/bamboo/logging-in-bamboo-289277239.html
Audit log. Our CI Plugins rely on your CI Platform for this kind of logging. See: https://plugins.jenkins.io/audit-log and https://confluence.atlassian.com/bamboo/logging-in-bamboo-289277239.html
Application log. Our Ci Plugin write XML cloned as plain-text in the current CI Workspace, using slf4j. Further the application log is written in the standard CI Console Output
Access log. See https://wiki.jenkins.io/display/JENKINS/Access+Logging and https://confluence.atlassian.com/bamboo/logging-in-bamboo-289277239.html
Vulnerability detection log. Two Vulnerability logging ways are provided: Inside Application log (see above) and a separate XML log in the current CI Workspace, using slf4j
The above logs are customizable according the customer needs.
| Anchor | ||||
|---|---|---|---|---|
|
...
Low Code: Appian BPM andSAIL, ServiceNow Client-Side/Server-Side/Glide/Business Rules/Jelly, UIPath RPA, Microsoft Flows and PowerApps, Oracle Application Express (APEX), Siebel eScript, Svelte, Camunda, Salesforce APEX, BMC-EngageOne Enrichment (formerly Pitney Bowes StreamWeaver).
Integration Integration Platforms: TIBCO ActiveMatrix BusinessWorks, BMC Control-M
...
Supported Libraries and Frameworks (Static Analysis):
JAVA: 146 Frameworks
https://en.wikipedia.org/wiki/List_of_Java_Frameworks
...
Parameters: Parameters in Naive Bayes are the estimates of the true distribution of whatever we're trying to classify. The variables your algorithm is trying to tune to build an accurate model..
Classifier: Classifiers are also referred to group of attributes. .
...