What you get
You can choose between SaaS and on-premise version to scan your applications for vulnerabilities. Just throw source code, executables or binaries at SmartDec Scanner and get the security threats report. No debug info or any additional data needed to decompile binaries.
31 Programming Languages
SmartDec Scanner is a world leader in terms of the number of supported languages. This allows for the analysis of a wide range of apps, including those for SAP (ABAP), Sales Force (Apex), etc. The app language is identified automatically.
Binary & bytecode SAST
In addition to the source code, you can scan executable files without debug info statically. No need to request source code from developers, just obtain binaries from a system administrator or specify a link to the app on Google Play or App Store.
Minimum False Positives
Unique Fuzzy Logic Engine helps to minimize false negative and false positive rates using confidence metrics. Also, SmartDec Scanner keeps track of every single issue so there is no need to re-label them after each scan.
Easy SDLC Integration
Easy integration into SDLC processes: CI/CD servers, task tracking systems, version control systems, IDE, build tools, LDAP servers. A number of available plugins and a full API to build a custom setup.
Security officers get a detailed report for revealed vulnerabilities and undocumented features, as well as recommendations on how to configure application firewalls (WAF) to prevent exploitation.
No Development Skills Needed
Designed for information security officers as well as for developers, SmartDec Scanner features a user-friendly and intuitive interface and highly automated analysis. Just drag files or paste a link and click “Scan”.
We offer several editions of SmartDec Scanner to meet your needs.
If you need a smooth and effective integration of SmartDec Scanner into your software development lifecycle, on premise edition is a great solution. You can use all its features without an internet connection — SmartDec Scanner will be available as a web application on your local network. You can easily setup an automated check on a desired stage of your SDLC and just get a notification when the scan is completed.
If you need to perform verification of your code periodically, you can buy a licence for the required number of checks. No installation, setup or configuration is required, just drag an archive with your source code into the SmartDec Scanner, or specify a link to your repository, or enter the address of your app on Google Play/App Store and click the button — the scan is on its way!
SmartDec Scanner Blockchain Edition is the first enterprise-grade security tool to incorporate security rules for blockchain development. It automatically checks smart contracts in Solidity and Vyper languages, and other blockchain-related projects like mobile wallets, web3 applications, and blockchains themselves. SmartDec Scanner Blockchain Edition is integrated with other tools in the area of blockchain security.
Application of the Scanner
SmartDec Scanner is a static application security tool for detection and identification of vulnerabilities and undocumented features (backdoors). It allows you to analyze not only a source code, but also executables (i.e. binaries or bytecode) without debug info and to get much more precise results than when using DAST. SmartDec Scanner provides detailed recommendations for developers and cybersecurity officers. It can be integrated with various IDEs, CI/CD servers and task tracking systems.
Clients about us
As a security software vendor, we keep it the #1 priority our web and mobile solutions are threat-free for our customers. Assessing them with Smartdec Scanner makes a big deal to lower vulnerability rate.
We use Smartdec Scanner as a part of our SDLC process especially to scan open source components and rapidly mitigate vulnerabilities before the application goes to production.
We are very impressed with Production SAST. You can scan just executables and get the results mapped to reconstructed source code. As easy as it gets.
Request SmartDec Scanner trial account to check your app!