Solared APPscreener to Check Smart Contract Security

12.10.2017

Solared Cyber Security, a vendor of cybersecurity management and target monitoring products and services, has unveiled a new version of Solared APPscreener, the only solution that does not need source code access to check apps for vulnerabilities.

First and foremost, Solared APPscreener 2.6 now supports the Solidity programming language, which is used to create smart contracts for blockchain-based transactions. Smart contracts are among the most promising blockchain application areas and have become a key part of initial coin offerings (ICO), via which startups raise funds.

“Blockchain-related technologies are extremely popular today,” said Dan Chernov, Global VP Application Security. “Just like any other new technology, smart contracts are risky, because their level of security cannot keep up with their popularity, and people may lose real money should any successful attack occur. Therefore, we believe it’s crucial to promptly address new challenges and tailor Solared APPscreener to changing market needs.”

In addition, Solared APPscreener can now detect errors and vulnerabilities in HTML5, with developers being confident that their web apps are not only state-of-the-art and easy-to-use, but also secure.

The new release also features C/C++ app analysis technology improvements, coverage of Visual Studio projects, and expanded vulnerability search rule bases, including those for ABAP and Delphi.

Always user-friendly, Solared APPscreener has been improved even more, with it now being possible, for the first time, to download projects from local desktops in .7z, .ear, .aar, .rar, .tar.bz2, .tar.gz, .tar, and .cpio formats via an even more intuitive interface.

Moreover, the new Solared APPscreener has a plugin for the Jenkins continuous integration server and is able to track scanning status via email—one more step towards even better integration with secure application development lifecycle (SDLC).

Scanning reports can now be exported in line with the vulnerability classification adopted in HIPAA, in addition to OWASP Top 10 2013, OWASP Mobile Top 10 2014, OWASP Mobile Top 10 2016, and PCI DSS standards, thus making it much easier for developers to comply with regulatory requirements.