SmartRocket Scanner is a comprehensive software component analysis tool, using intelligent vulnerability analysis engine to determine open source components and vulnerability information in the code base. The tool engine can process terabytes of open source vulnerability data by using technologies such as continuous deep learning and security expert verification, and improve the accuracy of scanning results by utilizing the unique features and vulnerability characteristics of third-party databases and open source components.
By utilizing the characteristics of known open source components, this product analyzes and mines the open source components and open source components used in software applications, and compares them with the Scanner's unique vulnerabilities and license database, in order to identify the hidden security problems in the software development and deployment phase.
Source code scan - targeted at developers；Binary file scan - Targeted at security personnel or developers
It processes up to 16 terabytes of data using cutting-edge machine learning technology and is manually reviewed by dozens of cybersecurity experts.
Not only can you check licenses in open source components, but our tools allow users to customize license scanning rules for deeper license analysis and inspection.
Show the user a view of the interrelationships of all scanned projects to help the user fix the problem faster and at a lower cost.
The only tool on the market that can scan binary files and source code simultaneously. Not only will you be able to continuously monitor the security quality of your code as it is written, but you will also be able to do a final security review of the software after the source code has been compiled into binaries.
Eighty percent of the available SCA source code scanning tools cannot scan code written in C/C++ due to features of the C/C++ language. In terms of binaries, 90% of SCA binary-scanning tools do not support the APK format. For the above special cases, the SmartRocket Scanner is fully supported.
It can not only scan out code vulnerabilities for users, but also provide code repair Suggestions for users, so that users can more closely connect the process from finding problems to solving problems, so as to better improve the efficiency of problem solving.
Through years of scientific research experience and data accumulation, it can provide users with more accurate and comprehensive scanning results. In addition, through long-term tracking of well-known open source components, we also have unpublished and exclusive vulnerability information to help SmartRocket Scanner find the most comprehensive possible vulnerabilities.