New Solared APPscreener released with dynamic and interactive application security testing modules


Solared Cyber Security, a vendor of cybersecurity management and target monitoring products and services, has announced a new release of Solared APPscreener, a source code security audit solution.

The new release features dynamic and interactive application security testing (DAST/IAST) modules supporting fuzzing techniques and fuzzing requests modes. The synergy of static, dynamic, and interactive tests ensures more comprehensive checks for app source code vulnerabilities, errors, and backdoors.

"Today, our product is mature enough to shape development vectors in line with our customers’ needs, including the list of supported languages, reporting, interface, new technologies and so on," said Daniil Chernov, Head of Solared APPscreener Practice at Solared Cyber Security. "Although underlying technologies are rather sophisticated, we are still committed to making experience with Solared APPscreenerstraightforward and user-friendly, also for security officers who sometimes lack development skills.”

The new release supports many more programming languages and now analyzes also C/C++ (including OpenMP), Ruby, T-SQL, and Visual Basic 6.0 apps.

In addition, Solared APPscreener 2.2 features new vulnerability search rules for those programming languages supported by previous product versions, such as Java, Scala, PHP, Objective-C, Java for Android, JavaScript, Swift, Python 2, Python 3, PL/SQL, and C#.

Solared APPscreener 2.2 offers more capabilities to analyze iOS apps. The support of Swift 3 programming language and integration with XCode 8 development environment and Apple Clang 8.0 compiler ensure the maximum coverage of iOS apps being available for analysis. The module for iOS app downloading from App Store is compatible with all current iOS versions.

The Solared APPscreener interface was improved to provide extra capabilities while retaining streamlined user experience. Users can now export scan findings and prioritize vulnerabilities according to OWASP Top 10 2013, OWASP Mobile Top 10 2014 or PCI DSS 3.2 classification.

The developers of Solared APPscreener 2.2 were also committed to improving analytical tools. A built-in inter-project analytics module can aggregate projects into groups and make group summaries. The users can now enjoy statistics on the number of scan jobs done, scan time, the number of code lines, security rating, and the number of vulnerabilities by severity level. All these data and their changes may also be displayed as diagrams.

Finally, Solared APPscreeneris now compatible with CentOS and macOS.