Augmenting software security experts
Using our Security Review Environment
Using our Security Review Environment
Why — Criminal hackers are getting smarter every day. To combat them, we are empowering ethical hackers: we are giving security analysts the toolbox to work far more efficient.
How — That toolbox is our Security Review Environment (SRE). Most security analysts use an Integrated Development Environment (IDE) to analyze software, even though IDE’s are designed for writing software. Our SRE completely supersedes the IDE for security experts.
What — The Security Review Environment is tailor made for security analysis: it has features ranging from keeping track what is reviewed, to symbiotic taint analysis. It automates mundane analysis tasks, and decreases the effort to write reports, so security analysts can focus on finding vulnerabilities. This enables security experts to deliver more quality in less time.
Analysts can place codemarks on the code; externalizing their security review methodology. They help decomposing vulnerabilities into the causing code and help visualize complex relations.
Our SRE enables analysts to easily see the changes in code since the last commit including the previously created codemarks. This enables quick iteration and efficient delta work.
Being a web-based environment, the SRE boosts cooperation since multiple analysts can see the work of their colleagues in real time.
Symbiotic Taint Analysis (STA) assists analysts in identifying security paths in the code. This is an enormous time saver for analysts.