I am very pleased to announce the commercial release of Ecsypno's DAST/IAST offering:
In addition, server-side IAST capabilities exist for Ruby web applications, but those are going to be rolled out later on.
Codename SCNR comes in 3 editions:
- Basic -- CLI utilities to manage the scanner engine.
- + Ruby API for scripting.
- Pro -- Basic features + a Web interface to manage scans.
- Enterprise -- Pro + distributed deployment features.
- Remote Agents
- REST API
No edition imposes restrictions on the amount of:
- sites you are allowed to scan;
- scans you can perform;
- parallel scans you can run;
- scanned pages;
- time you can scan.
Codename SCNR is the result of more than a decade's worth of R&D, coming from the industry known Arachni WebAppSec Scanner Framework.
You can think of it as the new Arachni and on steroids, along with lots of extra smarts.
With Arachni being Free and Open/Public Source in one way or another for the last 13+ years, the community was speaking, and we were listening.
...you might say...
...but is it AI?
Yes (sigh) it's enough "AI" for its tasks -- glad we got that out of the way.
Intricate techniques, along with advanced heuristics and a smidgen of machine-learning cover vulnerability analysis/verification as well as performance focused scheduling quite nicely.
In what other ways is Codename SCNR interesting?
Well, the Rust language was chosen for the resource intensive parts, in order to keep performance high and CPU/RAM consumption low, and Rust is the best in that department nowadays!
The business logic is written in Ruby, and Ruby is the coolest for that sort of thing too.
Winning combinations all around!
Should any hick-ups arise, do send us your feedback and we'll be on top of the situation.
Best of regards,
Tasos Laskos -- Founder, CEO, Director of R&D.