ReSalt and Positive Technologies: Security Analysis and Code Storage System

2025: Release of "Code Security and Storage Analysis Systems"

ReSolut and Positive Technologies announced the release of the Code Security and Storage Analysis System bundle on March 13, 2025. The solution will help organizations of all sizes ensure sovereign and secure software development.

The software package includes proven domestic tools - a platform for working with, source code GitFlic a scanner for searching and analyzing vulnerabilities source code and working with external libraries and dependencies (PT Application Inspector SAST, SCA, SCA with checking the reachability of the function), as well as a tool for dynamic analysis of software security (PT BlackBox DAST). All components of the bundle are included in "" and Register of Russian Software Ministry of Digital Development meet all the necessary standards, including GOST R 56939-2016, in addition, PT Application Inspector is certified. FSTEC of Russia

The complete solution is designed to provide secure storage and code management with GitFlic's built-in support for project access control and teamwork optimization, integration with CI/CD processes to automate development.

AppSec tools from Positive Technologies ensure the security of released software at the earliest stages, check for compliance with security standards, as well as search for vulnerabilities in existing applications and assess their security. The bundle minimizes the risks and costs associated with the transition to a domestic development infrastructure, provides centralized documentation and support in a single window format.

The "Security Analysis and Code Storage System" comes in three versions:

1. Static analysis of the source code hosted in the repository (GitFlic Self-hosted Enterprise and PT AI Enterprise);
2. Dynamic vulnerability analysis of web applications (GitFlic Self-hosted Enterprise and PT BlackBox);
3. Code security analysis and storage system (GitFlic Self-hosted Enterprise, PT AI Enterprise and PT BlackBox.

Each option supports two levels of technical support - "Standard" and "Advanced." The cost of the software package is calculated on the basis of the cost of the platform for storing code, as well as products for static and/or dynamic analysis.

The solution is aimed at government and commercial organizations engaged in software development and striving to use secure, proven solutions. The distributor of the joint solution is Axoft, which also provides technical support for the Security Analysis and Code Storage System.

The system of security analysis and code storage is an integrated approach to ensuring a safe and sovereign software development process for Russian organizations, combining domestic technologies to protect data and minimize risks. We are confident that the software product will become an assistant in ensuring code cleanliness and software development efficiency for our customers, "said Maxim Kozlov, CTO of the GitFlic platform.

Secure development requires not only effective analysis tools, but also a single convenient environment for work. With the integration of GitFlic and AppSec solutions from Positive Technologies, companies have a set of tools for the safe and cost-effective process of creating software. Source code analysis and the right tool for working with external dependencies, which shows only relevant vulnerabilities and not the entire CVE list, is what really reduces the cost of fixing vulnerabilities, minimizing risks and speeding up the release of safe software, "said Alexey Antonov, director of business development for secure development Positive Technologies.