5 out of 5 (4 Ratings)

4 Verified Reviews

Sparrow SAST

Easy and accurate analysis

I am searching for a source code analyzer in order to use for the blood drive management system, which is a web application. Among source code analyzers in Korean market, I knew that Fasoo is one of the best companies in the software security market so I finally chose SPARROW to purchase. Each developer analyzes their source code by SPARROW Whistle manager on their PCs, and some developers use plugin modules. After that, the general manager analyzes all the source files and detemines if the program can be realsed or not. This is how to my company usually uses SPARROW, and my customers are satisfied with these secure coding processes.

Sparrow SAST

Well-known static source code analyzer that supports compliances

We have been using Sparrow for our mobile app and web application of Credit Bank. More and more financial companies began to adopt a static code analyzer as the financial technologies have expanded. We started e-business as well, so we needed Sparrow to test our applications' source code based on compliance issues. As a financial company, we need to secure our customers' sensitive data on the web or mobile services, and it is important to give them trust while using the services. We usually analyze our source code by pre-set secure coding checkers that Korean government has benn issued, and other financial compliances are included. Sparrow supports Spring and Struts frameworks, so we can integrate with our system without any problems.

Sparrow SAST

Best source code analyzer for configuration management system

In order to verify and remove security vulnerabilities according to the compliances, we decided to buy a SAST tool and SPARROW was the best qualified option of our list becuase it has certifications, for intance Good Software(GS). We installed SPARROW as a developing infrastructure, hence it can be integrated with our existing CI, ITSM, and SVC systems. We had been developing new systems, and which had to be smoothly linked to the existing systems. We expected SPARROW to integrate with the new and existing system without any problems. We think that SPARROW is easy to use and outputs the accurate result. In addition, SPARROW integrated with our system seamlissly so that the developing processes worked well.

Sparrow SAST

Satisfied compliance issues and remove security vulnerabilities

We needed a static application security tool for developing a Home Trading System (HTS) and a Mobile Trading System (MTS). Because of not only compliance that Korea government issued but also the protection of the web application vulnerabilities, we decided to adopt SPARROW to analyze our program source code and provide a secured web and mobile application to our customers. Especially, we were worried if SPARROW could support our framework, such as ProFrame that we are using now, but it was not a matter. SPARROW supported both all the languages and proframes that we are using now. Also, integration with our configuration management system was successful.