Sparrow Introduces Newly Updated Sparrow Cloud and Sparrow SCA at Black Hat USA 2022

LAS VEGAS, Aug. 3, 2022 /PRNewswire/ — Black Hat USA 2022, the leading information security event, is taking place from August 6 to 11 virtually and in-person at Mandalay Bay Convention Center, Las Vegas, Nevada.

Sparrow, a global application security testing leader, has participated in the Black Hat conference since 2018 and introduced its new solutions and features at the events. This year, Sparrow is announcing its newly upgraded Sparrow Cloud and open-source management solution, Sparrow SCA. 

Sparrow Cloud is a single platform for managing security and quality issues of both source code and web applications: running static and dynamic tests, checking test results, marking vulnerability status, and generating reports.

Since its introduction in 2018 as a cloud-based static application security testing service, Sparrow Cloud has been evolving continuously. Sparrow Cloud added dynamic analysis in 2019 and an integrated service that combined static and dynamic analysis in 2020 and is now introducing its open source management service.

Although this open-source management SaaS service will not be available until the beginning of 2023, visitors can experience the solution at the event beforehand.

Sparrow SCA will analyze source code and binary files for open source license information and security vulnerabilities and generate detailed results into reports and SBOM (Software Bill of Materials) in global standard formats: SPDX, CycloneDX, and SWID Tags.

Sparrow Cloud SAST supports 16 languages including ABAP, ASP(.NET), C#, HTML, Java, JSP, JavaScript, Objective-C, PHP, Properties, Python, SQL, Swift, VB.Net, VBS, and XML. When users start the static analysis on Sparrow Cloud, it will naturally identify the languages of the code, and use checkers fit for the language.

Sparrow Cloud DAST tests running applications and identifying security vulnerabilities in them. Sparrow Cloud DAST enables users to run tests from AJAX to web elements by using dynamic methods HTTP. Sparrow Cloud can scan JavaScript applications by replaying browser events as well.

Sparrow Cloud was also launched in AWS Marketplace last March and enabled users to quickly identify, analyze, and remediate their applications, including software and web applications for security vulnerabilities without any hardware or other installation.

About Sparrow Co, Ltd

Sparrow, the application security and quality testing service provider, offers the application security ecosystem that includes Sparrow SAST/SAQT, intelligent static application security, and quality testing tool, Sparrow DAST, a powerful dynamic application security testing tool with an IAST module, Sparrow RASP, a web application self-protection tool, Sparrow SCA, open-source license identification and security vulnerability management tool, and Sparrow IHUB, a DevSecOps management solution. Sparrow’s application security solutions are designed to help companies to implement DevSecOps, enabling them to continuously monitor and improve the security of their applications and development throughout their software development life cycle (SDLC).