DerScanner Expands its Application Security Testing Platform to 43 Programming Languages and Improves Open Source Security

DerSecur, the innovative developer behind DerScanner, is excited to announce a significant expansion of its programming language coverage, now including an unparalleled total of 43 languages. This update introduces YAML, TOML, SQL, Bash, PowerShell, and XML to its arsenal, solidifying DerScanner's position as the most comprehensive SAST tool available. Additionally, DerScanner has introduced a new approach to open source security and software composition analysis, setting a new industry standard for accuracy and efficiency.

Expanding Programming Language Coverage:

The inclusion of six new programming languages addresses critical areas of modern computing environments and software development practices:

• Infrastructure as Code (IaC) Security: With YAML and TOML support, DerScanner extends its capabilities to the realm of IaC, ensuring secure configuration management and deployment practices in cloud and server environments.
• Comprehensive Database Security: The addition of SQL allows for direct analysis of database queries and scripts, enhancing protections against SQL injection and other data-related vulnerabilities.
• Scripting Language Coverage: Support for Bash and PowerShell scripts bolsters security in automation and administrative tasks across Unix/Linux and Windows platforms.
• Application Configuration Security: By including XML, DerScanner enhances its ability to scrutinize application configuration files for potential security risks.
• Cross-platform Security Assurance: This update reinforces DerScanner's commitment to providing a universally applicable security solution, catering to a diverse range of platforms and environments.

Redefining Open Source Security: 

DerScanner has completely reinvented software composition analysis by developing a proprietary engine that dramatically reduces false positives associated with vulnerabilities in open source dependencies. Unlike traditional approaches that may over-rely on tools like Dependency Track, DerScanner's engine is designed to accurately identify genuine vulnerabilities, leveraging up to 10 in-house and publicly available vulnerability databases.

"Expanding our support of a total of 43 programming languages underscores our commitment to leadership in the application security space. It ensures our users can thoroughly audit their applications, no matter the language or framework. Coupled with our reinvented approach to open source security, which dramatically lowers false positives, we're enhancing the efficiency and accuracy of security practices. These steps forward embody our dedication to enabling secure software development," said Dan Chernov, CEO of DerScanner.

About DerSecur

Since its inception in 2011, DerSecur has been at the forefront of application security. Its flagship product, DerScanner, represents the pinnacle of security technology, capable of analyzing both source and binary code. DerSecur's team of 70 experts continues to push the boundaries in application security research and development.