Tools


At Blueinfy, we translate our knowledge and technologies into automated tools. We have technologies that address Web Services security scanning, application footprinting, Web 2.0 scanning, code scanning, Web/application fingerprinting, etc. We are releasing them as free tools.

The AppCodeSentinel platform is a unique hybrid model for web application and site security. It is Software as a Service for enterprises and corporates. Blueinfy has designed and developed a technology platform to assess source code using a combination of static source code analysis and dynamic simulations. The platform is capable of processing several different languages and frameworks to determine possible security vulnerabilities in enterprise applications, and it generates accurate reports. At runtime, configuration, modifications and tuning are done by a talented team specialized in application security and code reviews. Final reports are also validated for accuracy. This makes the platform unique and accurate for corporates and makes code security hassle-free and less costly.

AppCodeSentinel as Service Platform

The AppCodeSentinel platform has several unique features and methodologies to secure applications.


Scalable and advanced technology platform for application source code analysis.
Identifies a complete set of vulnerabilities, including logical security issues and access controls.
100% code coverage and no dependencies on crawling and other discovery techniques.
Sound, proven methodology supported by unique technologies like code fuzzing, dynamic mapping, smart entry point discovery, etc.
Reverse Design Engineering (RDE) technology to map source to possible design; it helps in discovering vulnerable design patterns and architecture flaws.
Full support for Web 2.0 application analysis, such as Ajax, Flash/Silverlight based applications, SOAP based Web Services, widgets, mashups, etc.
Accurate and actionable reports for developers, program managers, designers, architects and QA teams.
Helps in satisfying compliance requirements like PCI or any other.
Integration with scanners; able to point to the actual source code line from application scanner reports if required.
Reports can be integrated into your enterprise WAF.
SDLC integration for critical source base.

Stages of source code analytics platform

AppCodeSentinel runs through the following stages in a hybrid model, where a combination of human intelligence and advanced algorithms is leveraged:

Source Code Mapping and Fingerprinting – Loaded source code is divided into a map, and traces are discovered by advanced code fingerprinting techniques.
Reverse Design Engineering (RDE) – On the basis of our mapping technique, a reverse design is created and the architecture is analyzed.
Source Code Discovery and Entry Point Analysis – Depending on code fingerprinting and RDE, various entry points are discovered in this phase.
Attack Surface Reduction and Identification – High-value and critical blocks are segregated, and the attack surface is reduced for analysis.
Artificial Simulations, Tracing and Penetration Path Analysis – Entry points are analyzed with several different techniques and the proprietary AppCode Domain Specific Language (ADSL).
Vulnerability Detection and Impact Analysis – Based on entry point analysis, vulnerabilities are discovered.
Vulnerability Validation and Load Traversal – Discovered vulnerabilities are validated by code fuzzing.
Reporting and Mitigation Plans – The final report is created along with mitigation planning.


For more information and demo scans, please contact us at contact@blueinfy.com