Sold by: MEGAZONECLOUD CorporationÂ
Cost-efficient and scalable static & dynamic application security testing on cloud -Complies with the latest global guidelines - Detect security vulnerabilities in the entire source code with just simple 4 clicks - Automatically crawl and detect security vulnerabilities in web applications
Overview
The Sparrow Cloud users can run Static Analysis, test for security and quality issues of source code, and Dynamic Analysis, test for scanning vulnerabilities on web applications.
Sparrow Cloud is a single platform for managing security and quality issues of both source code and web applications: running static and dynamic tests, checking test results, marking vulnerability status, and generating reports.
Sparrow put together the essentials of a static tool, Sparrow SAST/SAQT, and a dynamic tool, Sparrow DAST, and released Sparrow Cloud. Now, individuals interested in software security can have the benefit of source code and application tests at a reasonable price.
Because the SAST tool directly tests program source code, it is essential to cover languages and frameworks in which the program is written. Sparrow Cloud supports analyzing source code in 20 languages, including Java, JavaScript, Objective-C, PHP, Python, Swift, etc. When you start the static analysis on Sparrow Cloud, it will naturally identify the languages of your code and use checkers fit for the language.
As the DAST test examines application front-ends, its test results reflect actions from the application. Therefore, it is useful to check threats that will cause direct outcomes on the application security. Sparrow Cloud can scan applications by replaying browser events. And web pages with HTML5 or Ajax can be analyzed as well.
Highlights
- Sign up and start analyzing your application in 1 minute.
- Static Analysis - An essential tool to comply with global cybersecurity guidelines including OWASP, CWE, etc. Dynamic Analysis - Pre-record actions(ex. Login, click, etc) or sequences to access hidden pages
- Static Analysis - Analyze & detect security vulnerabilities and quality issues in the source code Dynamic Analysis - Detects web application vulnerabilities with automated dynamic attacks
Details
Unlock automation with AI agent solutions
Fast-track AI initiatives with agents, tools, and solutions from AWS Partners.
Features and programs
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing is based on the duration and terms of your contract with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Description | Cost/month |
|---|---|---|
Sparrow Cloud_ Pro(SAST) | Detect vulnerabilities with static analysis, 60 analyses/mon | $395.00 |
Sparrow Cloud_ Pro(DAST) | Detect security vulnerabilities in web applications, 60 analyses/mon | $145.00 |
Vendor refund policy
Please see the seller website for refund details.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA)Â .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Resources
Vendor resources
Support
Vendor support
Please visit Sparrow support page (https://cs.sparrowfasoo.com ) and submit a support request or chat with Sparrow CS team.
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Updated weekly
By MEGAZONECLOUD Corporation
By Fortinet Inc.
By Fluid Attacks
Sentiment is AI generated from actual customer reviews on AWS and G2
Functionality
Ease of use
Customer service
Cost effectiveness
Positive reviews
Mixed reviews
Negative reviews
AI generated from product descriptions
Static Code Analysis
Supports analysis of source code in 20 programming languages including Java, JavaScript, Objective-C, PHP, Python, Swift with automatic language detection
Dynamic Application Security Testing
Scans web applications by replaying browser events and analyzing HTML5 and Ajax-based web pages
Vulnerability Detection
Identifies security vulnerabilities and quality issues in source code using checkers specific to each programming language
Compliance Framework Support
Adheres to global cybersecurity guidelines including OWASP and CWE standards for security testing
Multi-Stage Security Testing
Provides integrated platform for both static and dynamic security analysis with capability to test source code and web application front-ends
Code Security
Integrated code security with Software Composition Analysis (SCA), Static Application Security Testing (SAST), and Infrastructure as Code (IaC) security with continuous runtime application behavior monitoring
Cloud Security Posture Management
Robust Cloud Service Posture Management (CSPM) and Kubernetes Security Posture Management (KSPM) with attack path analysis and visualization of interconnected infrastructure risks
Cloud Infrastructure Entitlement Management
Comprehensive visibility and assessment of AWS IAM users, groups, roles, policies, and machine entitlements with automatic discovery and excessive permission identification
Behavioral Analytics
Continuous monitoring of AWS workloads using advanced anomaly detection techniques with comparison of past and present states to identify unusual behaviors
Threat Correlation
Automated correlation of multiple security alerts into high-confidence composite alerts using behavioral analytics, anomaly detection, and threat intelligence from AWS CloudTrail and GuardDuty
Security Testing Techniques
Comprehensive multi-vector security testing integrating automated tools, AI, and ethical hacking across SAST, DAST, SCA, CSPM, PTaaS, and reverse engineering
Continuous Security Integration
CI/CD agent that continuously reviews source code changes and breaks build to prevent deployment of vulnerable software
Cloud Platform Security
Seamless security integration with major cloud platforms including AWS, Microsoft Azure, and Google Cloud Platform for infrastructure vulnerability assessment
Vulnerability Remediation
AI-powered vulnerability detection and remediation with customized fix options, including automatic code fixes and expert consulting
Software Supply Chain Analysis
Detailed component and dependency inventory tracking with dynamic SBOM updates across software development lifecycle changes
Standard contract
No
No
Customer reviews
Jane A
Easy and efficient dynamic analysis testing solution
Reviewed on May 20, 2022
Review from a verified AWS customer
Simple and easy to use. I was able to purchase and began to use the service in about 3 minutes.
The simple UI and the quick tutorial were enough for me to get started without any problem.
Once I created a project with a target URL and other settings, I was able to analyze the project repeatedly without any changes.
The dashboard was intuitive enough and the analysis provided detailed information about the analysis results (description, analysis method, analysis result, and solution).
Overall, a great budget-friendly cloud security solution