SmartDec Scanner 3.2.0 Release Notes

Yelizaveta Kharlamova
SmartDec Cybersecurity Blog
Sep 13, 2019


Our team continues to develop the SmartDec Scanner static analyzer. Our goal is to create a powerful analyzer with an intuitive interface. We would like to present the latest version of our tool. See the SmartDec Scanner 3.2.0 release notes below.

Overview

We added three new languages. Now SmartDec Scanner scans code in 29 languages, which makes it a world leader in the number of supported programming languages. We made the integration with Jira flexible: you can define any parameters when creating a task in the SmartDec Scanner interface. Also, for each vulnerability found, you can now see a list of corresponding classifications: CWE, CWE/SANS Top 25, OWASP, PCI DSS, HIPAA.

Let’s take a look at the changes in detail.

Language support

SmartDec Scanner now supports analysis of new languages:

  • VBA
  • ASP.NET

Rule base

  • Improved vulnerability search algorithms
  • Added new vulnerability search rules for supported programming languages
  • Supplemented vulnerability descriptions

CWE

We added references to CWE. You can view CWE and other vulnerability classifications on the Detailed Results page.

Jira

We improved Jira integration:

  • Restructured the Jira settings page
  • You can set any fields for a Jira task via a JSON query

LDAP

We improved LDAP integration. You can now work with large LDAP databases.

Interface

Analysis Settings

  • To exclude directories from analysis, you can now use standard path placeholders. List the directories, files and/or packages that need to be excluded.
  • Scan launch via API was modified. You can omit some parameter values, and they will be substituted from the project settings in the interface.
  • You can upload an application from the App Store by link without the application name.

Navigation

  • You can quickly go to the last scan results. Click the Go to last scan button to view the current results.
  • From the scan statistics on the Home page, you can go to the Projects page with a preset filter. Click the buttons to view scans completed, in progress, or pending.

Project UUID. You can copy the project UUID on the Project page for use in API requests.

Updated data loading indicator.

Progress bar. We added a progress bar to the Status column on the Scans page.

Optimized element layout on the Home page.

Added notifications about analysis modules that are not connected.

We improved button behavior.

Reports

Source code information added. For apps loaded via link, the report will contain a link to the development repository or the store.

We strive to make our product even better. Please feel free to request a SmartDec Scanner trial via sdscanner-sale@smartdec.com. We are waiting for your feedback.

This article was created by SmartDec, a security team specializing in static code analysis, decompilation and secure development.

Feel free to use SmartCheck, our smart contract security tool for Solidity and Vyper, and follow us on Medium, Telegram and Twitter. We are also available for smart contract development and auditing work.
