About Us

An innovative StartUp

Security Reviewer is an Italian innovative start-up company from Tuscany, born in 2015, owning some Patents, like Dynamic Syntax Tree algorithm, built around small, tight-knit team of talented software engineers, architects, quality assurance professionals, who are passionate about their work and have all the skills, professional certifications and knowledge required to produce outstanding IT solutions since 2001.

Security Reviewer is focused on improving the Security and Quality of software deliverables by integrating its innovative Static and Dynamic technologies into the customer’s DevOps process. Our mission is in enabling organizations to secure applications from the start, reducing risk and cost along the way, in both Enterprise and Cloud platform models.

Why Choose Us ?

A Choice that makes the Difference

Security Reviewer has not developed just another Code Review suite. We provide a low-cost, accurate and super-fast set of tools, 52x Faster than average AppSec tools, and based on modern technologies (Machine Learning, new AI algorithms, our Blockchain), easily integrated to your DevOps, covering all vulnerability detection provided by our competitors (like Micro Focus Fortify™, CheckMarx™, HCL AppScan™, Veracode™, Kiuwan™, Corvallis Julia™, Coverity™, SonarQube™, etc.), and adding further 100+ detection rules for each of 40+ supported programming Languages. Further, we provide a tool set covering SAST (Static Application Security Testing, Mobile iOS and Android included), DAST (Dynamic Analysis), Firmware Analysis (both Static and Dynamic), Software Resilience Analysis and SCA (Software Composition Analysis).

Project Success Guaranteed

We do not offer Consultancy Services directly to Customers. Beware of false Security Reviewer 'experts'. To ensure Project success, we offer a Certification Program mandatory for every Consultancy Firm using our Products in a Consultancy Project at Customer's site. Check our Resellers Network and our Customer Community.

Just In Time Development

Following your Enhancement requests, we guarantee the deployment of your Change Requests in about 48 hours and your Feature Requests developed during next 30 working days. We are committed to help our clients reaching their goals, to personalize their Secure Review experience, to provide an innovative environment, and to make the difference.

Core team

20+ people @ your service. Our Core Team since 2015:

See more Employees in LinkedIn

Patents

Dynamic Syntax Tree	Dynamic Image Interpreter for DAST, Mobile & Firmware Emulation	Universal Vulnerability Description Language	Agent-based Firmware Analysis

Analyzes both Sources (SAST) and compiled Classes (Sandbox), eliminating 99% of False Positives	Reveals Async Inputs, Application Status Changes, Lost Connections, Unhandled Errors, RANSOMWARE and more, by interpreting the images dynamically	A unique Vulnerability Description Language to rule them all	Installs an Agent to the bootfs and monitors even encrypted Firmware images

Profiles

Scientific Articles

Link	Description
S tatic Analysis: New Emerging Algorithms	A detailed analysis of existing Static Analysis Algorithms.
Dynamic Syntax Tree: Optimized Binary Sandboxing	Dynamic Syntax Tree (DST) implementations use Binary Sandboxing for enhancing the Static Analysis process.
Dynamic Syntax Tree: Implementation Results	We present some Dynamic Syntax Tree implementation results
The Agile Alliance Debt Analysis Model	It contains good practices which, when violated, generate technical debt
Mobile Apps Analysis - A Hybrid Approach using Dynamic Syntax Tree	We examine iOS and Android platforms, and for each we provide a thorough investigation of existing and historical security features, evidence-based discussion of known security bypass techniques, and concrete recommendations for remediation
Firmware Analysis using a Bootloader	We present a way to analyze encrypted Firmware images, replacing their Bootloader during emulation.

Useful Information

Security Reviewer Web Site

Security Reviewer is an Oracle™ Partner

Security Reviewer is an IBM™ Business Partner

Security Reviewer is a SUSE™ Silver Partner

Security Reviewer suite is recognized as an Official SQALE Tool

Security Reviewer participates to ‘Managing Technical Debt’ Agile Alliance group

Security Reviewer is one of the LinkedIn Top products in Static Application Security Testing (SAST) Software category

Static Reviewer is certified SUSE™ Linux Enterprise Ready

Static Reviewer is a certified Oracle Linux Ready Application

Static Reviewer is a RedHat™ Certified Standalone Application

Static Reviewer is listed on SAMATE and NIST Source Code Security Analyzers

Static Reviewer is listed on OWASP Source Code Analysis Tools

Static Reviewer is certified CWE Compatible

Contacts

Security Reviewer Srl
Via della Pace, 154
58100 Grosseto, Italy
info@securityreviewer.com

General Manager Mr.Massimo Fagiolo +39 3771619590 massimo@securityreviewer.com

Partnerships

Certifications

Proven Knowledge

Security Reviewer Knowledge Center