Automatic code scans uncover security vulnerabilities in minutes. Kiuwan Code Security (SAST) is available as an affordable SaaS or on-premise solution for teams and companies of all sizes. Kiuwan SAST checks code for compliance with the most stringent security standards, such as OWASP and CWE, and flags any existing weaknesses. It covers all key languages and can be easily integrated into the leading DevOps tools.
Advantages
Fix problems and vulnerabilities more cheaply and quickly
Create better software from day one
Appropriate for all development approaches, including Agile and DevOps
Avoid problems and vulnerabilities from day one in DevOps processes
Use a consistent model and approach for code analysis across your organisation
Conduct automatic code analysis in the IDE each time you save your code
Ensure local analysis of your entire code before it is transferred to the code repository
Transform DevOps into DevSecOps
DevOps represents a milestone for agile software development. Within the software development lifecycle (SDLC), DevOps is a response to the speed and scalability needed for success in today’s environment. But what about security? The “old school” approach was to ask security experts to test and review applications after development was complete. However, Kiuwan’s flexible integration options mean that code security tests can become a core component of each SDLC phase.
Why Kiuwan?
Kiuwan Code Security is a cutting-edge SAST solution. There is much more to it than static security analysis alone. With SAST, Kiuwan aimed to achieve fast and accurate results. SAST is easy to install, has an intuitive user interface and comes complete with an extensive initial configuration. Kiuwan reduced the implementation time substantially to just a few days. Scan results are available in seconds rather than days, are highly accurate and have a low false-positive rate. The solution is highly configurable to suit your specific needs.
Additional functions
Kiuwan Code Security provides a comprehensive overview of all security vulnerabilities identified in the source code. It uses industry standard criteria to assess the threat level inherent in identified vulnerabilities. You can create action plans to fix weak spots by either estimating the amount of developer effort needed or defining your target assessment. You determine how you want to evaluate application risks. As a multi-language solution, Kiuwan Code Security covers most programming languages which means that every single application can be tested.
Vulnerabilities that Kiuwan detects:
Uninitialized variables
Application misconfiguration
Predictable credentials or session data
Directory indexing
Insufficient authorisation / authentication
Automatic reference counting
Cross-site request forgery (CSRF)
Information leaks
Insufficient transport layer protection
Insufficient binary protection
Cross-site scripting (XSS)
Injection attacks
Inter-process communication
OS command
Insecure cryptography
Buffer overflow
Free non-dynamic variables
Use after free
Double-free / double-close problems
Format string weaknesses
Pointer variable access to local variables
SQL injection
… and more
Reliability problems:
Race condition
Division by zero
Deadlock scenarios
NULL pointer dereference
“It takes just one glance to see any risks related to your project.”
ThinkApps
Key characteristics of the Kiuwan IDE plugin:
Easy installation. All you need is the IDE of your choice, a Kiuwan account with the IDE plugin, licences for your developers and an internet connection.
Compatible with different IDEs. Kiuwan includes plugins for Eclipse, JetBrains, MS Visual Studio, VS Code and others.
Kiuwan adapts to your needs. Filter errors by their occurrence on file, package, application or workspace levels.
Practicality. Selecting a problem in the dashboard takes you directly to the relevant file and line of code.
Everything at a glance. The editor highlights the affected file, prioritises the error and provides useful tool suggestions.
Expandable functionality. Additional dashboards can display code metrics such as program complexity.
Easy maintenance. The plugin benefits from automatic updates.