New DerScanner 3.6 Released to Support Pascal and Integrate with GitLab, GitHub, and Bitbucket

DerSecur has announced the release of a new version of its app security analyzer, DerScanner 3.6, which supports Pascal and features improved integration with GitLab, GitHub and Bitbucket code version management and storage systems.

To meet international customers’ needs, the new version of our app vulnerability and undocumented feature analyzer, DerScanner 3.6, now supports Pascal. The predecessor of Delphi, this language underpins a variety of legacy systems that organizations around the globe actively employ for their internal needs.

Tighter DerScanner integration with GitLab, GitHub and Bitbucket repositories is an important step towards better automation of code vulnerability scanning. This integration allows the analyzer to monitor, in an unattended mode, the appearance of a new code version in a repository, automatically start analyzing new code fragments for vulnerabilities, and then send scan results to employee in charge. While the above functionality previously required manual configuration, since version 3.6, it has been available out of the box. Remarkably, the new code appearance is now monitored not via a CI/CD server, but directly from the repository by means of push- and tag-events. This makes life easier for those companies that do not use CI/CD servers or bypass them in their development activities.

The new version is also more user-friendly. Therefore, its interface now supports the creation of empty projects that do not contain any scans but allow for integrations with repositories to be configured in advance in order to automatically analyze a code in the future. This feature is relevant, for example, when developers fail to prepare the code before DerScanner implementation in their company, while the customer wants to start vulnerability monitoring from a more or less complete app version.

In addition, the interface allows for event log exporting, which is useful, for example, when an error was made when starting a scan and the analysis process was not performed correctly, but the customer cannot figure out the cause of failure on their own. Now, a user can export required log files from the system in a couple of clicks, and DerScanner technical support specialists will quickly fix the error and help to start the process correctly.

Moreover, DerScanner also supports Prometheus multi-platform analytic tools and Grafana interactive visualization, which is good news for large companies that already leverage these tools for system health monitoring. This functionality is demanded by those customers that need up-to-date information on analyzer state at a time, including high process latency, failures, system load and performance, etc.