Cloud Reviewer SaaS is an all-one Cloud-native application security suite platform, multi-tenant, fully managed and provisioned as a service. It is able to analyze 3^rd parties' libraries, open source components, Secret Scanning, IaC Misconfigurations (SCA), Source Code-Static (SAST), as well as Endpoints-Dynamic (DAST) and Mobile binary analysis (MAST) with Integrations of Third-party Tools and Application Security Posture Management (ASPM) of vulnerabilities found, False Positives, Accepted Risks, Multi-format Results (PDF, Word, Excel, CSV, JSON, XML, SARIF, etc.), fully ISO 9001-Compliant Custom Reports.

Our SaaS service has two targets:

• Italian Government Institutions

• International Enterprises and Institutions

Main Topics

Application Security Posture Management (ASPM) is a modern approach to managing and improving the security of applications throughout their lifecycle. It helps organizations gain complete visibility into their application security risks and take action to fix them effectively.

According to Gartner, ASPM analyzes security signals across software development, deployment, and operation to improve visibility, better manage vulnerabilities, and enforce security controls. As a result, security leaders can improve application security efficacy and better manage risk.

Open

Our On-Premises/SaaS solution provides a strightforward Application Security Posture Management (ASPM) solution, based on our on premises Team Reviewer product, also offered in SaaS as Cloud Reviewer.

Open

It acts as a centralized platform that aggregates data from multiple security tools, contextualizes it, and provides a unified view of application risk.

It collects results from different security tools, put them in one place, and helps teams:

• See which applications have issues

• Understand how risky those issues are

• Assign fixes to the right people

• Track whether things are getting better or worse over time

Team Reviewer/Cloud Reviewer provides a unified interface for accessing all our tools, an effective vulnerability discovery, management & tracking, by continuously identifying threats, monitoring changes in your applications, fully integrated to your DevOps, discovering and mapping all your software changes and reviewing configuration details for each asset.

Cloud Reviewer-Team Reviewer seamless integrates with your company’s assets, using the most useful access types. See: Access Checklist and Ecosystem.

Allow your developers, security engineers, team leads or managers have access to what they need.

Show isolated data to each user’s profile to make sure you keep everyone updated.

Use our CLI (Command Line Interface) to bring security operations closer to development and DevOps teams and prevent overloading your security teams.

One study shows that only 5% of vulnerabilities have been observed to be exploited in the
wild, while the monthly vulnerability remediation rate for companies is 16%. The
remediation rate is so low because it is expensive for companies to address vulnerabilities.

Open

Benefits of ASPM include:

Our ASPM provides a Real Time Visibility into an organization’s application landscape to find vulnerabilities, misconfigurations, and other threats more readily.

• SAST (AppScan, CheckMarx, CodeQL, Contrast Scan, Coverity, Fortify, GitHub SAST, GitLab SAST, Kiuwan SAST, ParaSoft, SemGrep, SonarQube, Veracode SAST, and many other OSS tools)

• SCA/SBOM (CheckMarx OSA, GitLab Dependency Scan, JFrog XRay, Kiuwan SCA, mend, OWASP Dependency Check, SBOM Radar, Sonatype, Snyk, Veracode SCA, OpenVAS, and many other OSS tools)

• IAST (Acunetix Acusensor, AppScan IAST, CheckMarx CxIAST, Contrast, HDIV, Invicti Shark, Seeker)

• DAST (Acunetix, AppScan DAST, Burp, Fortify WebInspect, Invicti, OWASP ZAP, Qualys, Rapid7, Veracode DAST, StackHawk, and many other OSS tools)

• MAST (AppKnox, Quokka, Edgeccan, CheckMarx MAST, Data Theorem, esChecker, Ostorlab, Pradeo, Mobisec)

• Threat Modeling (AWS Security Hub, AWS Threat Composer, BugCrowd, DrHeader, DSOP Scan, HackerOne, IntSights, ORT evaluated model, Outpost24, riskRecon, Threagile, TrustWare, Vulners)

• Infrastructure Scan (Nessus, Nmap, Qualys Infrastructure Scan, RedHat Satellite, Scout Suite, ssh-audit, SSLScan, Sslyze, SuSE NeuVector, Sysdig, Rapid7 Nexpose, Tenable Terrascan, Testssl, TFSec)

• Container/IaC Scan (Anchore, ARMO, AWS Inspector, AWS Prowler, AWS Security Hub Scan, Azure Security Center Recommendations Scan, Checkov, Clair, CrowdStrike, Docker-bench security scan, Dockle, ecsypno, GitLab Container Scan, Grype, Hadolint, Harbor, KICS, kube-bench, kube-hunter, LaceWork, RedHat OpenShift Container scanner, SemGrep IaC, Trivy, Twistlock, Wazuh)

• Secrets Scan and CNAPP Tools (AWS Secrets Manager, Azure Key Vault scan, Doppler, GitHub Secret Scanning, GitLab Secret Detection, GitLeaks, GitGuardian, Git-Secret, HashiCorp Vault radar, HawkScan, Legit Security, SentinelOne, Spectral Secret Scanning, Talisman, TruffleHog, Whispers, Yelp Detect Secrets)

• Code Coverage Tools (ACCELQ, Appsurify, JaCoCo, Cobertura, Jtest, Codecov, Devel::Cover, dotCover, EarlyAI, EMMA, BullseyeCoverage, Clover, Diffblue Cover, JCov, JUnit, Istanbul. Coveralls, grcov, NCrunch. NUnit, OpenClover, PHPUnit, PractiTest, TestPad, TestComplete, Xdebug, XRAY, Zephyr, TestCocoon, Squish Coco, LLVM coverage tools)

• Issue Tracking-Ticketing (ServiceNow, JIRA, GitHub Issues, GitLab Issue Tracker, ZenDesk, Mantis)

• Third-Party ASPM and CSPM tools (Wiz, OxSecurity, Invicti ASPM/Kondukto, BlackDuck SRM/CodeDx)

• Third-Party Dashboards (SonarQube, ThreadFix, OpenText Fortify SSC)

You can define a new Tool Import Parser (aka a new Integration) with our XML, JSON, SARIF, CSV Universal Importer, or by using our MCP Server providing a Natural Language Interaction.

• Prioritizing Security Risk through detailed contextual information extracted from previously siloed security tools and supervisor-level manual parameters. Teams can then respond more quickly to incidents than manually inspecting alerts generated by each solution. For updating the Prorities we use:

  • Risk Score. We filter for High CVSS and other risk scores/categorizations, like Cyber Risk Graph score and Stakeholder-Specific Vulnerability Categorization (SSVC).

  • Reachability. Many vulnerabilities are regarding unreachable parts of your apps, due to application flow (automatically detected), or they are behind an Web Application Firewall (WAF) or a Secure API Gateway or Other Gateways (to be declared manually by the Product/Product Type supervisor). There are other filters like: Peering connections, Unused in Production, Internet Exposed, Vulnerabilities in Public Repository.

  • Exploitability. We use EPSS (Exploit Prediction Scoring System), CISA+VulnCheck KEV (Known Exploited Vulnerabilities), NIST LEV (Likely Ex), CESS (Coalition Exploit Scoring System), VISS (Vulnerability Impact Scoring System) and CycloneDX Vulnerability Exploitability eXchange (VEX) to dramatically reduce the number of vulnerabilities to manage

  • Business Impact. The Business ca be affected by several weaknesses. We filter by: Connected to Sensitive Data (PHI, PII), Connected to Payment Systems (PCI), Critical Business Priority, Toxic combinations, In shared code modules, In High business impact repository or container group, High Technical Debt, High Incident Response costs, Direct Business Disruption, Reputational Damage, Regulatory Noncompliance (GDPR, NIS2, HIPAA, etc.), Loss of Intellectual Property.

• Intelligent remediation with greater context and root-cause insights teams can readily locate and triage security issues across platforms, assisted by our Machine Learning-based Intelligent Remediation.

• Improved productivity by automating workflows and security assessments that yield actionable insights, allowing more time spent on core tasks and goals.

• Cost and reputational savings from finding and fixing security issues before they result in breaches.

In IDC MarketScape Worldwide Application Security Posture Management Vendor Assessment 2025, DefectDojo is positioned between Major Players. Our Team Reviewer/Cloud Reviewer solutions provides an enhanced version of DefectDojo.

Open

Model Context Protocol (MCP) is an open protocol that standardizes how applications provide context to LLMs. Think of it like a plug’n’play port for AI applications — it provides a standardized way to connect AI models to external tools, data sources, and services.

Our MCP server is a middleware layer that:

• Abstracts Team Reviewer’s API into simple operations

• Handles various types of authentication

• Validates inputs before passing to Team Reviewer

• Provides consistent error reporting

• Runs stateless for easy scaling

Our MCP Server is built using FastMCP, exposing each Team Reviewer operation in masking mode, as an MCP tool that AI systems can access.

The server interfaces with key Team Reviewer entities:

• Findings (vulnerabilities): create, get, search, update status

• Products (applications being tested): list

• Engagements (testing activities): create, list, get, update, close

• Notes (comments on findings): add notes

Each entity gets such operations exposed as tools, mapping to Team Reviewer’s REST API while adding semantic context.

For avoid exposing sensitive security data, we implemented these key protections:

• Local Model Deployment: Using of locally-hosted LLMs for sensitive production data to maintain complete control over data processing and eliminate external transmission risks.

• PII/PHI/PCI Management: Security findings often contain paths, usernames, financial, health and application-specific data. We implement sanitization routines to automatically scrub (mask) data before it reaches the LLM interface, particularly for vulnerability details that might contain credentials or internal system paths.

LLM agnosticism prioritizes flexibility and adaptability by not being tied to one AI model or LLM. It can decrease risk and increase benefits for organizations. With so many AI models, tools, and LLMs available, no one wants to depend on one for all tasks.

Team Reviewer uses FastMCP for abstracting from LLM models and AI SDK solutions. We support the following API:

• OpenAI o1-o3

• GPT-4

• Claude Sonnet 3.5-4.5 / Amazon Bedrock

• Gemini 2.0-2.5 flash.

Often is needed to make language model calls within server-side functions. But what if the server could delegate those LLM requests to the client instead of handling them itself? This is exactly what FastMCP's LLM sampling feature enables.

LLM sampling in MCP servers refers to the ability of server-side functions to request language model completions from the client's language model rather than using a server-side LLM. This creates a unique inverted architecture where the server sends prompt instructions to the client, which then performs the LLM inference and returns the results back to the server.

In traditional AI architectures, the server hosts both the application logic and the language model integration. With LLM sampling approach, the server-side code can make requests like "generate a summary of this text" or "analyze the sentiment of this comment," but the actual language model processing happens on the client side.

We provide a Natural Language Interaction for easy querying the Team Reviewer operational data. Over a Prompt, the Results can be achieved in Text format, Formatted output (CSV, XML, JSON), HTML or PDF.

Examples of Prompt/Text Results in English (57 languages supported):

Open

Open

Open

With Team Reviewer’s Model Context Protocol (MCP), you transform security operations beyond traditional siloed tools, allowing security teams to leverage contextual AI capabilities in the future through:

• Conversational querying of findings: “List all critical XSS vulnerabilities affecting our payment portal”

• Pattern correlation discovery: “Which components have the most recurring issues?”

• Tailored remediation recommendations with code examples specific to your tech stack

• Automatic linking of findings to related CVEs and OWASP guidelines

I need a comprehensive security dashboard report for our quarterly board meeting. Please analyze our findings to show:

1. Vulnerability trends over the past 90 days

2. Development teams with the highest critical/high severity findings

3. Current SLA compliance status

4. Top 10 CWE categories needing immediate attention

5. Remediation recommendations with cost-benefit analysis

6. A 6-month roadmap to improve our security posture

Create this as an executive-level PDF report for the board, focusing on business risk and ROI of security investments.

Our CISO wants to assess the effectiveness of our current SAST tools and processes. Using vulnerability data, create a detailed analysis report covering:

1. False positive rates by tool and vulnerability type

2. Mean time to remediation by severity level

3. Repeated vulnerability patterns (same CWEs appearing multiple times)

4. Developer team performance comparison

5. Recommendations for tool configuration improvements

6. Training gaps from recurring vulnerability patterns

7. Cost analysis of current versus recommended tooling

Format this as a technical assessment report in HTML to justify budget for improved security tools and developer training.

• Automated triage processes: “Categorize yesterday’s findings by impact and exploitability”

• Comprehensive impact assessments: “Explain how this SQLi vulnerability could affect our customer data”

• Data-driven trend identification: “Show me which security issues have increased this quarter”

• Cross-system contextual awareness: “Compare this finding against our last pen test results”

• Seamless tool orchestration: “Open a JIRA ticket for this vulnerability and notify the DevOps channel”

• Forward-looking vulnerability analysis: “Based on our codebase and these findings, what vulnerabilities should we proactively address?”

You can create a prompt asking the model to reassess the Risk using the OWASP ASVS framework — not just classifying the finding, but summarizing it in Natural Language with contextual understanding.

The evaluation Results can be posted to the Notes section of the corresponding Finding in Team Reviewer.

Open

This includes comprehensive information such as the risk score, OWASP ASVS classification, and recommended actions. If necessary, the severity level is also updated accordingly.

In some cases, the severity can be automatically changed from Low to High.

Tasks like Summarizing Scan results, Evaluating Risk Levels, Threat Intelligence Reporting, Security Transformation Strategy, Security Operation Reporting, SAST Tools Effectiveness Analysis, and Mapping to OWASP ASVS, Creting a new Tool Import Parser — typically manual and time-consuming — can now be automated quickly and consistently using internal or external LLMs, like Claude Sonnet.

By combining structured security data with AI reasoning, this system serves as both a knowledge base and analysis partner, transforming security workflows into collaborative problem-solving.

Scans uncompiled code and doesn’t require complete builds. Sets the new standard for instilling security into modern development.

An application can be made of different Programming Languages. 

Cloud Reviewer recognizes all programming languages that are composing the analyzed app, as well as the Dominant Language (i.e. the Language with higher LOC).

Open

You can drill-down to Findings details:

Open

A Custom Reporting feature is available.

With Dynamic Reviewer DAST Safe-PenTest module, you can inspect your web application as Blackbox during running, no need to backup your data. Whitebox mode is also available. Dynamic Reviewer detects vulnerabilities, show the Exploits, but doesn’t apply them. It also detects Client-side vulnerabilities.

Open

Each Finding can explored in details:

Open

A Custom reporting feature is available.

SCA (Software Composition Analysis) identifies project dependencies on 3rd-party components. SCA will automatically determine if those components have known, publicly disclosed, vulnerabilities as well as licenses-related issues

Open

You can drill down to details:

Open

A Custom reporting feature is available.

Once the scan is completed, the Result page is reachable from the Summary tab by clicking on the Engagement name you are interested in. In this page you can manage the findings.

For Triaging, once you open the Findings:

Open

 you can choose the Analysis Type (for example: Security) using the Analysis combo box:

Open

You can select the finding(s) you want to triage one-by-one, by Folder, or you can collapse per vulnerability group (usually Rule Desc or other criteria in the Group by combo box) using the Collapse all button:

Open

By clicking on the > selector on the Sev column, you can re-open only the vulnerability group you want to triage first:

Open

Then select one or more Issue(s) or filter by Folder:

Open

The Edit Findings button will appear. Press it:

Open

Always write a Note (a text explaining why you're marking FP or AR the issue(s)) and choose between FP (False Positive/Not An Issue) or AR (Accepted Risk).

You can always turn back to non-FP/AR by clicking on Confirmed/Active or re-select/deselect the marked issue(s) using the table Rule/File/Line/Curr.Status/Note in the low part of the windows.

Press Save button.

The issue(s) you marked as FP or AR will be suppressed from the current Results and will be considered as suppressed on all the next Engagements/Versions scans of the same Product/Application.

To complete the Triage, you can also assign the vulnerabilities issue(s) to someone else using JIRA, if you authorized.

You can integrate Cloud Reviewer in your DevOps, using the Remote Scan, IDE Integration and GitHub/GitLab Integration features.

Server-side scan can be ame using our CLI interface and our Jenkins plugin, GitHub and GitLab actions. In case of SAST, your code is encrypted with AES-256 and sent to the Server via TLS 1.3. At Server-Side it will be decrypted in an anonymous encrypted folder and stored during the scan time only, and safely removed at the end.

While application security is a critical priority for development teams, managing security testing within an integrated development environment has often been a significant challenge. Developers who are pressing to meet deadlines in agile or waterfall software development processes are often already managing a variety of separate tools. To improve application security, Cloud Reviewer offers a suite of desktop, web and mobile app security testing solutions in a SaaS-based service that can be seamlessly combined in an integrated development environment to find and fix flaws at any point in the SDLC. Visual Studio, Eclipse and Android Studio integration is provided.

In case you have your code stored in GitHub or GitLab repositories, we offer full integration, the scan will be made on-the-fly with no need to clone the repo.

Open

• Pay-per-Scan. Small activation fee and pay a best-price fee for each SAST, DAST, SCA scan. Suitable for small organizations. 1 User. No LOC limits. Each customer has its own private space. Standard Support.

• Professional: Pay-per-User. Starting package of 5 Users, 1 year subscription, unlimited SAST, DAST, SCA scans, unlimited Apps-Products, unlimited LOC. For each customer a separate Server is provided. Standard Support. With an additional fee you can add Gold Support to the subscription.

• Developer. Professional (Pay-per-User) + IDE and DevOps integration. Access to our SaaS directly from your preferred IDE and your preferred CI/CD Platform.

• Enterprise. Unlimited Users. yearly subscription, Unlimited SAST, DAST, SCA scans, Unlimited Apps-Products, Unlimited LOC, Unlimited Repositories. Additionally you can add Mobile Reviewer in SaaS mode (available for EU market only). Standard and Gold Support

For detailed information about Support, please refer to:  https://securityreviewer.atlassian.net/wiki/spaces/KC/pages/2442100737/Support+Maintenance

Saas solution offers:

Flexibility: you can choose a Plan based on your initial needs and increase it in case of necessity.

Scalability: you don’t need to increase your IT infrastructure, we provide you all the necessary storage and performance when changes in increased workloads are required.

Accessibility: Every time from everywhere.

Availability: uptime of the application over 98%.

Reliability: 99 percent success rate in transactions completed to the database.

Cost saving: No needs of an IT infrastructure. it does not require any initial investment and allows the OPEX to be supported only on the basis of specific needs of the moment. No time/money spent in products installation/configuration/update.

Security: Assurance of maximum Security compliance based on SLA. Security Reviewer places the utmost importance on data security. We handle your data in compliance with the most important Standards and Regulations regarding Privacy and Data Protection. For more information on what data is managed, what are the rules by which we access and transfer and store your data, data encryption, SOC2 compliance, regulatory requirements, and the response to data breach or security threat, please refer to our Security and Compliance Policy.

Privacy: When Enhanced Code Security is applied, your source code never leave your infrastructure

You have three options:

• Standard: In the Folder mode, you submit your zipped source code via TLS 1.3. During upload, it will be AES-256 Encrypted and stored server-side in an encrypted folder. Finally, it will safely removed at scan end. After scan completion, you can drill down to your Findings as well as the few lines around the vulnerable code (n. of lines is configurable).

Open

• GitHub/GitLab integration: You can also pull the code from a private GitHub/GitLab Repository. The scan will be executed on-the-fly, without downloading your source code or cloning the repository outside your secure GitHub/GitLab workspace. GitHub/GitLab integration is set up for your own User account, not for an Organization. GitHub/GitLab integration settings apply to all Organizations associated with your User account but do not automatically apply to other user accounts in an Organization.

• Enhanced: The Static Reviewer Local Analyzer is the local solution for your code analysis. 

  With this tool, you can analyze your source code without uploading it to our cloud or anywhere that might be deemed unsafe.

Open

Only the results of the analysis are shown in the dashboard. The source code will be pre-processed using a downloadable Desktop App (Static Reviewer Local Analyzer) and only the raw results will be encrypted with AES-256 and transmitted via TLS. In the dashboard, Reports and Findings will only show few lines around the vulnerable code (n. of lines is configurable). Your source code will never leave your PC.

Open

cloudreviewer.it service is reserved to Italian Government Institutions, with the same high-quality services but located in a different Data Center infrastructure, hosted in Bergamo (Greater Milan Area), handled by Aruba Networks IaaS Provider, official ACN Cloud Infrastructure provider (IN-56). It guarantees adequate levels of security for Public Administration’s services and data, progressively increasing the quality and reliability of cloud service providers.

The Global Cloud Data Center is the largest data center campus in Italy, with a surface area of 200,000m2 in Ponte San Pietro (BG), just a few minutes from Milan. All facilities have been designed and built to meet or exceed the highest levels of resilience, in accordance with ANSI/TIA-942 Rating 4 requirements and the ISO 22237 standard, the international benchmark standard for the entire life cycle of a data center, from strategic conception to building and operation. At the IT3 Data Center, traffic can be exchanged with all the operators on the Milan Internet eXchange in Milan, thanks to the MIX Point of Presence.

It is composed by:

Open

SLA - 99,95% of Service Availability on yearly-based for Internet Accessability to Infrastructure for http://cloureviewer.it/ up to
100% on yearly-based for power-supply and environmental air conditioning.

• Dedicated Servers only

• Servers Hardware Brand: HP

• Rating 4 (former Tier 4) ANSI/TIA 942-B-2017

• Maximum logical and physical security with armed surveillance 24/7 and 7 levels of access

• Anti-sismic and hydrogeological risk-proof

• Up to 60MW of power

• Self-produced hydroelectric and photovoltaic energy

• Double multi-modular power center with UPS boasting 2N + 1 redundancy

• Made-to- measure power of up to 40kW per rack

• Redundant emergency generators with 48-hour full-load autonomy without refuelling

• Data hall made entirely of firewalls and ceiling with double insulation

• Carrier neutral data center with optional managed connectivity

• Made-to-measure colocation solutions: from rack units to a dedicated data center

• Storage and office space available to customers

See the Data Center datasheet with Certification and Compliance.

See the Data Center Racing Team Certifications.

cloudreviewer.net SaaS service is provided to Europe, Africa & Middle East Enterprises and Institutions seeking for an high-quality SaaS service for SAST, SCA, DAST, MAST, ASPM and Vulnerability Management, as described above.

Open

French DataDock and other 4 Data Centers in UK (London) and Germany (Munich, Nuremberg) have been in planning since 2003 and first became operational in 2010. The primary aim was a certain energy efficiency, to reduce both environmental impact and also operating costs. With the integration of a unique well-cooling into the data center concept, energy consumption can be kept so low that it has been acclaimed the greenest data center in Europe.

Privacy and Control over Data

As Europeans we understand the importance of Data Protection and Privacy. Our IaaS Providers are not only 100% GDPR compliant, but also the entire companies are organized in such a way that you retain the maximum control over your data. We respect your privacy and that's why unlike some of our competitors we don't collect data on what runs on Dedicated Server instance.

• IaaS Providers: Contabo and Server4You

• Fully redundant MPLS ring structure with a total capacity of 550 Gbit/s

• Backbone connects the data center on one path directly with Frankfurt, as well as on another redundant path over Paris and Brussels

• All data is delivered to the Internet with optimal performance and accessibility

• 66% less power consumption for the data center infrastructure, when compared to the average data center

• 25% less overall energy consumption

• Electrical supply: Transformers, low-voltage mains distribution, UPS components and generators each with n+1 or 2n+1 redundancies

• Cooling: Well systems, pumps and cooling circuits each with n+1 or 2n+1 redundancies

• Auditing: Highest attainable rating of five stars in 2013 from Datacenter Star Audit (DCSA)

• Core backbone Frankfurt-Strasbourg: 100 Gbit, Deutsche Telekom: 17x 10Gbit, Level(3): 10x 10Gbit, TeliaSonera: 8x 10Gbit, Cogent: 5x 10Gbit, Telefónica: 3x 10Gbit, DE-CIX: 6 x 10Gbit, ECIX: 6 x 10 Gbit

Only Brand New Hardware

Open

Our IaaS Providers only use brand new enterprise-grade hardware from trusted brands. Dedicated servers are built in cooperation with Dell, HPE, AMD, and Samsung.

For North, Central and South American Enteprises and Institutions, cloudreviewer.com provides the same services described above, located in the US East (New York), US West (Seattle) and US Central (St. Louis).

Open

They became operational in 2013 and is currently considered one of the most modern data centers worldwide. It stands out particularly for its strategically optimal location in the heart of the USA, has connectivity to all major carriers and sits directly on the main artery of the American network.

• They are located in New York, Seattle and St. Louis, with best connectivity for both the East and the West Coast

• Fastest route is always selected automatically

• Completely redundant layout: Upon loss of one carrier, the system rapidly switches to another backbone

• Availability is permanently maintained

• Space: 14,000 sq ft

• Capacity: 2MW generator, UPS-protected

• Cooling: 17x 30 ton CRACs = 510 tons total cooling capacity, redundant cooling loop

• Audited in accordance to SOC2 (Security Operation Center)

• Cogent: 6x 10Gbit (+ further 10x 10Gbit available), TeliaSonera: 6x 10Gbit

cloudreviewer.biz is provided to Eastern Countries, for Enterprises and Institutions seeking for an high-quality SaaS service for SAST, SCA, DAST and Vulnerability Management, as described above.

Our Services are hosted in Tier 3 & Tier 4 Data Centers, located in:

• Mumbai, Noida (India). IaaS Providers: MilesWeb and Webyne

• Sidney (Australia). IaaS Provider: Contabo

• Tai Seng (Singapore). IaaS Provider: Contabo

• Tokio (Japan). IaaS Provider: Contabo