Static Reviewer is the SAST (Static Analysis Security Testing) part of Security Reviewer suite, built on top of the lessons learned through hundreds of thousands of scans performed since 2001, constantly evolving to match new technologies and threats. It is guided by the largest and most comprehensive set of secure coding rules and supports a wide array of languages, platforms, build environments and integrated development environments (IDEs). Compliant with: OWASP, CWE, CVE, CVSS, MISRA, CERT. The Rule Engine with its internal multi-threaded, optimized state machine based on Dynamic Syntax Tree, is the fastest in the market. It does not need any internal or external DBMS to run, and it is fully extensible via XML. Its unique capability to reconstruct an intended layering, makes it an invaluable tool for discovering the architecture of a vulnerability that has been injected in the source code, with very rare cases of False Positives.
- Partner Security Reviewer Srl Partner's Website
- Platform SLED 15, SLES 15, SLED 12, SLES 12
- Hardware Architecture x86-64
- Certification SUSE Ready
This icon indicates whether the software provider has flagged the compatibility of the application with the SUSE High Availability extension. Success may include the application running in an HA environment, or it may include extensions to the application to exploit and integrate with the HA feature. Please see the software provider's web site for more details.
Integrated System Available
This icon indicates whether a pre-built, pre-configured integrated version of the application is available. This may also be called an appliance and may be packaged as a hardware appliance, a software appliance, or a virtual appliance.
This icon indicates whether the software provider supports the application in any of the virtualized environments that work with SUSE Linux Enterprise. These may include one or more of Xen, KVM, VMWare, or other hosting environments. Also note that virtualization support can mean that the solution can be used in the cloud environment. Please see the software provider's web site for more details concerning which environment(s) are supported by the provider.