TECH OFFER

Comprehensive Application Security and Quality Testing solution, On-Premise and SaaS Cloud

KEY INFORMATION

TECHNOLOGY CATEGORY:
Infocomm - Security & Privacy
TECHNOLOGY READINESS LEVEL (TRL):
LOCATION:
South Korea
ID NUMBER:
TO174237

TECHNOLOGY OVERVIEW

Sparrow offers the application security ecosystem that includes Sparrow SAST/SAQT, intelligent static application security, and quality testing tool, Sparrow DAST, a powerful dynamic application security testing tool with TrueScan (IAST module), Sparrow RASP, a web application self-protection tool, and Sparrow InteractiveHUB, a web application interaction and management platform. These solutions are designed to help companies to implement DevSecOps, enabling them to continuously monitor the security of their applications and development throughout their SDLC.

TECHNOLOGY FEATURES & SPECIFICATIONS

Sparrow SAST/SAQT is a semantic based-static code analysis tool that detects critical software vulnerabilities at the early stages of software development with machine learning capability. Sparrow’s static analysis solution obtained many certifications including CC, CWE, ISO26262, etc. The solution also supports various international compliance standards and guides including OWASP, CERT C/C++, MISRC C/C++, etc. Sparrow SAST/SAQT received 94.8 ratings from OWASP benchmark testing and was also included in the Gartner Magic Quadrant for Application Security Testing 2017. Sparrow DAST is a powerful dynamic application security testing tool that can analyze web applications in their running state during testing and operational phases. Sparrow DAST is equipped with the market’s most advanced technologies including event replay and IAST capability to enable it to detect security vulnerabilities beyond what conventional DAST tools could not detect. Sparrow RASP is a runtime application self-protection solution that protects web applications against application-layer attacks in real-time. Sparrow RASP can track all external request parameter data and DB query result data and the processing of collected external data within WAS that can record issues and block requests if threats or vulnerabilities are detected while tracing.

POTENTIAL APPLICATIONS

Sparrow solutions can help companies, the financial sector, or government agencies to eliminate security and quality issues from their applications during SDLC.  1) Sparrow's static analysis solution, SAST/SAQT can help customers in the coding or building stage of SDLC to eliminate issues from the source code.  2) Sparrow's dynamic analysis solution, DAST, can identify and help to remove security issues from web application during the testing stage.  3) Sparrow's runtime application protection solution, RASP, can offer real-time protection of running application during the operation stage.

Benefits

1) With Sparrow SAST/SAQT, customers can test both security vulnerabilities and quality issues at once. 2) Sparrow offers comprehensive application security solutions that can be used throughout the SDLC.  3) With Sparrow's solution, customers can comply with various global standards including, CWE, CERT C/C++, OWASP, etc.  4) Sparrow solution is available in both on-premise and cloud SaaS version to meet the customer's needs and environments.
RELATED TECH OFFERS
Intelligent Personal Assistants And Software Platform For Online Information Processing
Protecting Big Data Privacy Using Randomized Information Dispersal Technology
Electronic Devices Identification Using Hardware Characteristics
Driverless Data Diode and AI Extensions
Secure Remote Access Solution for Work from Home during and beyond Covid-19
A Fast and Flexible Provenance Scheme for Industrial Control Systems
Stand-off Concealed Threat Detection that Saves Lives
Wireless Data Transmission via Ultrasound in Metallic/Explosive Environment
Automated Number Plate Recognition (ANPR) Enabled Secure Visitor Management System
Zero Trust Cybersecurity for Enterprise and Cloud