SmartDec Scanner

SAST new generation tool

Request a Trial

What you get

You can choose between SaaS and on-premise version to scan your applications for vulnerabilities. Just throw source code, executables or binaries at SmartDec Scanner and get the security threats report. No debug info or any additional data needed to decompile binaries.
31 Programming Languages
SmartDec Scanner is a world leader in terms of the number of supported languages. This allows for the analysis of a wide range of apps, including those for SAP (ABAP), Sales Force (Apex), etc. The app language is identified automatically.
Binary & bytecode SAST
In addition to the source code, you can scan executable files without debug info statically. No need to request source code from developers, just obtain binaries from a system administrator or specify a link to the app on Google Play or App Store.
Minimum False Positives
Unique Fuzzy Logic Engine helps to minimize false negative and false positive rates using confidence metrics. Also, SmartDec Scanner keeps track of every single issue so there is no need to re-label them after each scan.
Easy SDLC Integration
Easy integration into SDLC processes: CI/CD servers, task tracking systems, version control systems, IDE, build tools, LDAP servers. A number of available plugins and a full API to build a custom setup.
Straightforward recommendations
Security officers get a detailed report for revealed vulnerabilities and undocumented features, as well as recommendations on how to configure application firewalls (WAF) to prevent exploitation.
No Development Skills Needed
Designed for information security officers as well as for developers, SmartDec Scanner features a user-friendly and intuitive interface and highly automated analysis. Just drag files or paste a link and click “Scan”.

Solutions

We offer several editions of SmartDec Scanner to meet your needs.
Smartdec scanner
ON PREM
If you need a smooth and effective integration of SmartDec Scanner into your software development lifecycle, on premise edition is a great solution. You can use all its features without an internet connection — SmartDec Scanner will be available as a web application on your local network. You can easily setup an automated check on a desired stage of your SDLC and just get a notification when the scan is completed.
Smartdec scanner
SAAS
If you need to perform verification of your code periodically, you can buy a licence for the required number of checks. No installation, setup or configuration is required, just drag an archive with your source code into the SmartDec Scanner, or specify a link to your repository, or enter the address of your app on Google Play/App Store and click the button — the scan is on its way!
Smartdec scanner
Blockchain Edition
SmartDec Scanner Blockchain Edition is the first enterprise-grade security tool to incorporate security rules for blockchain development. It automatically checks smart contracts in Solidity and Vyper languages, and other blockchain-related projects like mobile wallets, web3 applications, and blockchains themselves. SmartDec Scanner Blockchain Edition is integrated with other tools in the area of blockchain security.

Application of the Scanner

SmartDec Scanner is a static application security tool for detection and identification of vulnerabilities and undocumented features (backdoors). It allows you to analyze not only a source code, but also executables (i.e. binaries or bytecode) without debug info and to get much more precise results than when using DAST. SmartDec Scanner provides detailed recommendations for developers and cybersecurity officers. It can be integrated with various IDEs, CI/CD servers and task tracking systems.
Supported Languages

Supported Executables
Integrations

Clients about us

Request SmartDec Scanner trial account to check your app!
Your Name*
Your Phone*
Email*
Company