Security Reviewer Knowledge Center


 


About Us

An innovative StartUp

Security Reviewer is an Italian startup from Tuscany, born in 2015, owning some Patents, like Dynamic Syntax Tree algorithm, built around small, tight-knit team of talented software engineers, architects, quality assurance professionals, who are passionate about their work and have all the skills, professional certifications and knowledge required to produce outstanding IT solutions since 2001.

Security Reviewer is focused on improving the Security and Quality of software deliverables by integrating its innovative Static and Dynamic technology into the software development process. Our mission is in enabling organizations to secure applications from the start, reducing risk and cost along the way, in both Enterprise and Cloud platform models.

Why Choose Us ?

A Choice that makes the Difference

Security Reviewer has not developed just another Code Review suite. We provide a low-cost, accurate and super-fast set of tools, 52x Faster than average AppSec tools, and based on modern technologies (Machine Learning, new AI algorithms, our Blockchain), easily integrated to your DevOps, covering all vulnerability detection provided by our competitors (like Micro Focus Fortify, CheckMarx, HCL AppScan, Veracode, Kiuwan, Corvallis Julia™, Coverity, SonarQube™, etc.), and adding further 100+ detection rules for each of 40+ supported programming Languages. Further, we provide a tool set covering SAST (Static Application Security Testing, Mobile iOS and Android included), DAST (Dynamic Analysis), Firmware Analysis (both Static and Dynamic), Software Resilience Analysis and SCA (Software Composition Analysis). 

Project Success Guaranteed

We do not offer Consultancy Services directly to Customers. Beware of false Security Reviewer 'experts'. To ensure Project success, we offer a Certification Program mandatory for every Consultancy Firm using our Products in a Consultancy Project at Customer's site. Check our Resellers Network and our Customer Community.

Just In Time Development

Following your Enhancement requests, we guarantee the deployment of your Change Requests in about 48 hours and your Feature Requests developed during next 30 working days. We are committed to help our clients reaching their goals, to personalize their Secure Review experience, to provide an innovative environment, and to make the difference.


Core team

30+ people @ your service. Our Core Team since 2015:

See more Employees in LinkedIn

Patents

Dynamic Syntax Tree

Dynamic Image Interpreter

for DAST, Mobile & Firmware Emulation

Universal Vulnerability

Description Language

Agent-based Firmware Analysis

 

 

 

 

Analyzes both Sources (SAST) and compiled Classes (Sandbox), eliminating 99% of False Positives

Reveals Async Inputs, Application Status Changes, Lost Connections, Unhandled Errors, RANSOMWARE and more, by interpreting the images dynamically

A unique Vulnerability Description Language to rule them all

Installs an Agent to the bootfs and monitors even encrypted Firmware images

Profiles

 

Scientific Articles

Link

Description

Static Analysis: New Emerging Algorithms

A detailed analysis of existing Static Analysis Algorithms.

Dynamic Syntax Tree: Optimized Binary Sandboxing

Dynamic Syntax Tree (DST) implementations use Binary Sandboxing for enhancing the Static Analysis process.

Dynamic Syntax Tree: Implementation Results

We present some Dynamic Syntax Tree implementation results

The Agile Alliance Debt Analysis Model

It contains good practices which, when violated, generate technical debt

Mobile Apps Analysis - A Hybrid Approach using Dynamic Syntax Tree

We examine iOS and Android platforms, and for each we provide a thorough investigation of existing and historical security features, evidence-based discussion of known security bypass techniques, and concrete recommendations for remediation

Firmware Analysis using a Bootloader

We present a way to analyze encrypted Firmware images, replacing their Bootloader during emulation.



Useful Information

Security Reviewer Web Site

Security Reviewer is an Oracle™ Partner

Security Reviewer is an IBM™ Business Partner

Security Reviewer is a SUSE™ Silver Partner

Security Reviewer suite is recognized as an Official SQALE Tool

Security Reviewer participates to ‘Managing Technical Debt’ Agile Alliance group

Security Reviewer is one of the LinkedIn Top products in Static Application Security Testing (SAST) Software category

Static Reviewer is certified SUSE™ Linux Enterprise Ready

Static Reviewer is a RedHat™ Certified Standalone Application

Static Reviewer is listed on SAMATE and NIST Source Code Security Analyzers

Static Reviewer is listed on OWASP Source Code Analysis Tools

Static Reviewer is certified CWE Compatible

 

COPYRIGHT (C) 2014-2021 SECURITY REVIEWER SRL. ALL RIGHTS RESERVED.


 

 

 

Contacts

Security Reviewer Srl
Via della Pace, 154
58100 Grosseto, Italy
info@securityreviewer.com


Quick navigation


Partnerships

 

 

 

 

 


Certifications

Proven Knowledge

 

 


Technologies