DerScanner Introduces New Code Quality Analysis and Major Updates to Enhance Software Composition Analysis

DerScanner, a full-cycle application security testing platform, has announced a major update to its robust software framework, introducing nearly 100 new static code quality rules and significant enhancements to its Software Composition Analysis (SCA). This new release highlights DerScanner's commitment to delivering high-quality, maintainable, and secure code for its users while supporting compliance with key regulatory changes such as the EU Cyber Resilience Act.

“At DerScanner, we're dedicated to empowering developers with the tools they need to write not just secure, but truly high-quality code,” said Daniel Chernov, CEO of DerScanner. “Our goal with these updates is to integrate code quality and security into a single, all-encompassing platform that reduces complexity and helps developers work smarter.”

Advancing Code Quality Across Languages

The new Code Quality Analysis feature in DerScanner focuses on improving the maintainability and reliability of applications by addressing issues like legacy code, poor practices, and overly complex structures. With almost 100 new rules introduced for Delphi/Pascal and JavaScript/TypeScript, developers can easily identify and fix code errors.

“Our goal is to make writing clean, maintainable code the new standard, and this update is a significant step towards that vision,” added Daniel Chernov, CEO of DerScanner.

Enhanced Software Composition Analysis

To address the growing demands of secure application development, especially within new regulatory requirements like the EU Cyber Resilience Act (CRA), DerScanner has overhauled its SCA module. These updates deliver more accurate detection, faster scans, and improved protection against vulnerabilities in open source components of software.

The Cyber Resilience Act (CRA) plays a pivotal role in elevating security standards for digital products in the European Union. It applies to manufacturers of digital products selling in the EU and extends to distributors and importers marketing digital products under their brand. The CRA mandates sharing a top-level Software Bill of Materials (SBOM) with market surveillance authorities as part of the technical documentation provided. While open-source software and products from specific industries are exempt, the CRA represents a significant shift in security expectations for compliance.

To support clients navigating these new requirements, DerScanner’s updated SCA features include:

• Real-Time Vulnerability Updates that ensure consistent protection from Zero-day attacks with updates every 1-2 hours.
• Faster Dependency Mapping through optimized algorithms, reducing load times and boosting responsiveness.
• Enhanced Hybrid Analysis for precise detection of vulnerable functions or imports.

“Our proactive approach to SCA updates ensures that enterprises stay ahead of evolving regulations like the CRA while mitigating security risks,” said Daniel Chernov, CEO of DerScanner. “By aligning our platform with these compliance requirements, we’re empowering organizations to maintain the highest standards of security and transparency.”

A Single, Unified Platform for Developers

DerScanner distinguishes itself by combining static code analysis and code quality checks with security vulnerability detection into one seamless solution. Forget the hassle of juggling standalone tools—DerScanner provides actionable insights and automated enhancements to streamline development workflows.

“With nearly 100 new rules, DerScanner's latest update is a game-changer for those who understand that code quality and security go hand-in-hand,” said Daniel Chernov, CEO of DerScanner.

About DerScanner

Founded in 2011, DerSecur has been at the forefront of application security, continually evolving to meet the needs of a rapidly changing digital landscape. With a team of 70 security experts, DerSecur’s flagship product, DerScanner, is trusted by organizations across 47 countries for its robust analysis capabilities and innovative AI-driven security.