Kaz Security Lab uses Solar appScreener to validate customer software

2022: Using Solar appScreener

On March 31, 2022, Rostelecom-Solar announced that the Kazakh testing laboratory KazSecurity Lab uses a static Solar appScreener code analyzer to provide services for checking customers' software for compliance with information security requirements. The capabilities of the product allow laboratory specialists to detect vulnerabilities in the code and make recommendations for developers to correct errors. The project for the implementation of Solar appScreener in KAZ Security Lab was implemented together with the distributor RSsecurity.

According to the order of the Minister of Digital Development, Defense and Aerospace Industry of the Republic of Kazakhstan No. 111/NҚ, the source code audit is one of the types of tests for compliance with the IB requirements for informatization objects, which are listed in paragraph 2 of article 49 of the Law "On Informatization." Successful safety tests of the source code are a prerequisite for taking the information system into operation.

The KAZ Security Lab provides a wide range of information security services. Experts are engaged in analysis of the source code of software, network infrastructure survey, load test, survey of IB software processes.

Use Solar appScreener to test customers' server and web applications in the KAZ Security Lab. Since the beginning of the use of the Rostelecom-Solar static analyzer, laboratory specialists have tested and prepared 7 information systems for operation.

When choosing a scanner for analyzing the source code of our customers' information systems, we considered the solutions of vendors from different countries, "said Bauyrzhan Tasybayev, Director of KAZ Security Lab. - Opted for Solar appScreener for a number of reasons. First of all, it is an intuitive interface, a large vulnerability base, a separate classification of unauthorized access threats, as well as the ability to binary analysis. The latter allows us to check for vulnerabilities running files of software products that are being tested in our laboratory.

KAZ Security Lab also noted the quality and operational technical support of Solar appScreener, which is provided by Rostelecom-Solar and distributor RSsecurity.

Government regulators in different countries attach great importance to the practical aspects of information security. One of them is the real security of the software used, "said Daniil Chernov, director of the Solar appScreener Center of Rostelecom-Solar. - It is impossible to eliminate vulnerabilities in information systems without a qualitative analysis of the source code made by tools that use advanced technologies and complex threat search algorithms. Solar appScreener is the optimal tool for testing laboratories. It detects all known vulnerabilities while reducing inspection time by minimizing false positives.