360 APPLICATION ANALYSIS
Do you know the security risk in your application portfolios and are able make informed decisions?
Security should be a seamless part of Devops. PERCEPTIVA enables a DevSecOps approach by silently adding security without the need to analyze on central servers thanks to its distributed engine and the speed of its analysis.
Kiuwan is unique in allowing the possibility of scaling its engine to as many developers as needed, while granting them secure coding practices, and assuring security by design from the outset.
Code Security (SAST)
Blazingly fast cyber threat remediation.
Automatically scan your code and identify vulnerabilities. Polyglot coverage of technologies and 3rd party integration.
Fast & collaborative: Identify and remediate cyber threats in a blazingly fast, collaborative environment, with seamlessly integration in your SDLC
Executive overview: Kiuwan SAST offers tailored reports with industry standard security ratings for application security
Set it up: Configure the level of criticality of your applications. Enjoy one of the most comprehensive sets of coding rules.
Detect and eliminate vulnerabilities
Insufficient Authorization / Authentication
Automatic Reference Counting
Cross Site Request Forgery
Insufficient Transport Layer Protection
Insufficient Binary Protection
Cross Site Scripting
Cryptographic Related Attacks
Free Non-Heap Variable
Format String Vulnerability
Return Pointer To Local
These are just a brief example.
Full compliance with security market standards
Action plans to reduce your risks
1.Set your goals
Determine the effort required by the development teams or the rating you want to achieve
Check out the progress & accomplishment of your goals, and avoid deviations
Kiuwan suggests to you where to act and to what extent. Line of code level, if needed!
Insights (SCA) - Manage risks from using Open Source components.
Insights guarantees the with a complete multi-technology solution that seamlessly integrates within the main SDLC tools.
Insights allows you to secure and manage any vulnerabilities, compliance and operational risk that may arise from using open source components.
Open source components are a significant and important part of commercial software today. By automating the process of managing these components, you ensure that your developments meet all your management needs. open source components detection, security vulnerabilities, license risk and compliance analysis and policy enforcement.
Eliminate time consuming
Eliminate time consuming and error prone process of manually compiling the inventory in an effort to determine if you’re impacted by a new security vulnerability alert or to check for license issues.
Unveil security risk
Investigate the security risks involved with your open source components and address each of them as they apply to your application.
Open source deployments often include a lot of unused features that cause dependency issues. Kiuwan code quality analysis helps identify unused code and remove it, further reducing the risk of running into dependency problems.
Kiuwan Insights is continuously updating NIST’s database for new vulnerabilities, alongside our own knowledge base and research by security experts.
What you will find
Security risks: When Kiuwan analyze your application, for every external component it search identified vulnerabilities at NIST – National Vulnerability Database. If Kiuwan finds any, it will display the details of the vulnerability and score that component in a Security Risk indicator.
New vulnerabilities: If there are new vulnerabilities that affect some of the components of your app, those components will display those new vulnerabilities (marked as New) without the need to run a new analysis. This feature will keep your components inventory up-to-date.
Duplicated components: With Kiuwan Insights you can identify different versions of the same component used by your application.
Obsolescence: With Kiuwn Insights, you can explore the exact version of the used components. This way, you would easily identify old versions of components.
Licensing information: Inspect the License type of every 3rd party component used in your application.
Code Analysis (QA) - Unparalleled scope in the detection of errors
Identify code defects & manage your remediation efforts
Blazingly fast analysis in a collaborative and unlocalized environment.
Fixing defects has never been easier. Code Analysis automatically creates an action plan with the defects that need to be fixed in order to achieve the set goals.
Support for all major programming languages
Widely integrated with your favorite tools
Fully integrated with your IDE
Kiuwan allows for a true shiflteft approach by integrating with all the main IDEs.
We cover Eclipse, Visual Studio, IntelliJ IDEA, Phpstorm, Pycharm and Webstorm so developers can visualize and analyze directly from their IDE, learning best coding practices with contextual remediation advice.
Complete visibility of your entire application portfolio
Objective information to negotiate your SLA’s
Measure external providers, understand their path from a unique vantage point.
Make informed decisions
Decision quadrants: Detect risky applications using different decision quadrants
Evolution: Predictive analytics of the evolution of your application’s portfolio.
Activity: Record the activity of your development teams and software vendors, both in application and maintenance projects or change requests.
Audit your software deliveries
Compare baseline modifications in order to detect new defects during the development process.
Define checkpoints and audits tailored to each type of project or change request.
Check control points continuously during the construction or maintenance phases to ensure that applications do not degrade over time after modifications.