DerScanner

DerScanner is an application security tool used to identify vulnerabilities and backdoors using various analysis methods (SAST, DAST, SCA) and integrate with other tools for embedding in SSDLC. DerScanner supports static analysis that can check apps written in 36 programing languages.

The DerScanner SAST module can perform static analysis not only of the source code, but also of executable files (binary code). In addition to the static analysis module, DerScanner includes a dynamic analysis module that can analyze web applications for vulnerabilities by simulating malicious external attacks and exploiting common vulnerabilities.

The DerScanner solution also provides correlation of static and dynamic analysis results, so that the vulnerabilities, found using the static method, can be dynamically validated. Therefore, correlation of the results obtained during the SAST and DAST analysis is one of the key advantages of using this solution. DerScanner SCA module can also be used to analyze the software composition for security vulnerabilities, get recommendations for replacement, and search for outdated components.