Traditional Agroforestry System in India- Shifting Cultivation, Taungya, Home...
App checker
1.
2. Who are we?02
LLC “Echelon Innovations” is a progressive company created by JSC NPO
Echelon which is one of the largest Russian companies in information security.
The company was created for advanced research and developments. It is a
participant of Skolkovo Innovations Center.
3. The purpose of AppChecker
АppChecker is a cloud analyzer of the program code intended
for business processes automation.
The purposes of AppChecker:
03
trusted software development
software security control
detection of software code backdoors
program code quality review
4. Problem description
Nowadays it is necessary to monitor the code quality while software developing.
Even the largest software developers in the world regularly allow vulnerabilities
occurrence in their software.
Weaknesses and vulnerabilities in application source code lead to developer
financial and reputational risks, and also to risks of user data integrity,
confidentiality and accessibility violation.
Automatic error detection on the development stage will reduce the development
cycle, testing and correction costs, software developers and users risks.
04
5. AppChecker Technologies
Signature heuristic code security analysis on the basis of potentially dangerous
constructions signatures
[Construction base is completely compatible with CWE (Common Weakness Enumeration)
taxonomy]
Cloud access to AppChecker interface and API
Calculation of code statistics, software systems difficulty and security metrics
Data flow analysis
05
6. Competitors06
Model/product Stage Program languages Types of source code
analysis
Variants
Fortify 360 SCA Sales >20
static, dynamic,
interactive
desktop, private
cloud, public cloud
InfoWatch
Appercut
Sales >20 static
private cloud,
public cloud
PVS Studio Sales C/C++ static desktop
Positive
Technologies
Application
Inspector
Sales
ASP.NET, JavaScript,
Java, PHP, ABAP,
PL/SQL
static, dynamic,
hybrid
desktop
Echelon
AppChecker
Development С/С++, Java, PHP static
private cloud,
public cloud
7. Competitors07
Model/product Price, [RUR] Integration with
CWE
Data flow analysis Cross platform code analysis
Fortify 360 SCA
From 5,9
million a year
+ + +
InfoWatch
Appercut
n/a + - +
PVS Studio
204 800 a
year
- - -
Positive
Technologies
Application
Inspector
n/a - + +
Эшелон
AppChecker
300 000 a
year
+ + +
8. Competitive advantages08
Integration with CWE
Opportunity of collaborative work
Signature heuristic analysis method
Low price
Unified interface with AK-VS products.
Simple training process
9. Stage and prospects09
Stage
• Subsystems of static and
dynamic program code audit
service analysis for C/C++,
Java, PHP (including their last
standards) have been developed
• Subsystem of web-interface
which allows a joint work of
several experts has been
developed
Prospects
• Evolution of the source code
analysis mechanisms for
qualified search of such types of
defects as a buffer overflow,
incorrect operation with
resources or different types of
“injections” (SQL, command
etc.)
• Improvement of code review
instruments for false alarms
filtration simplification and for a
joint work of several experts.
10. Potential clients
Software
development
companies
• ABBYY
• DataArt
• EPAM Systems
• ICL Services
• Intel
• Luxoft
• Microsoft
• Oracle (Sun
Microsystems)
• …
10
Companies which do their
own internal development
• Russian Railways
• Aeroflot
• Rostelecom
• Sberbank
• …
Customer who check the
executors work
Testing laboratories
11. Contact information
107023, Moscow, Elektrozavodskaya st., 24
+7 (495) 223-23-92
8-800-100-05-02 (free call all over Russia)
www.iechelon.ru
www.facebook.com/npo.echelon
support.akvs@npo-echelon.ru
(technical support)
ext.skolkovo@cnpo.ru (all other questions)