introduce to secure coding checker
TRANSCRIPT
Introduction to Secure Coding Checker A diagnostic tool for identifying vulnerabilities in Android apps
Copyright 2016 Sony Digital Network Applications, Inc.
Copyright 2016 Sony Digital Network Applications, Inc. 2
My Profile
Sony Digital Network Applications, Inc. (SDNA) Marketing Producer Yoshinori Iwano
Planning of the smartphone app and marketing. Achieving a million DL and Photo category No.1 in the some countries. Then launch the sale of a new business Secure Coding Checker from the initial. Sold to around 100 listed companies in Japan. Now, responsible for US sales & marketing too.
Copyright 2016 Sony Digital Network Applications, Inc.
What is Secure Coding Checker?
4
A web-based vulnerabilities assessment tool
for Android applications.
Most popular assessment tool in Japan
Copyright 2016 Sony Digital Network Applications, Inc.
Key features of Secure Coding Checker
5
Developers need only upload your Apk file.
Results within a minute and unlimited scan
Use the easy guidance to quickly fix the problems in your code.
Copyright 2016 Sony Digital Network Applications, Inc.
Visualizing the effects of security provisions
6
Apps are automatically analyzed, and their vulnerabilities are displayed in a graphical format.
Copyright 2016 Sony Digital Network Applications, Inc.
Full coverage from identification to correction of vulnerabilities
7
The tool suggests methods for fixing the vulnerabilities it detects
The guidebook contains commercially-usable sample code that may be copied and pasted to fix vulnerabilities
Guidebook
Jump directly to the section of the guidebook that discusses the security issue in question
Copyright 2016 Sony Digital Network Applications, Inc.
Diagnostic criteria taken from the Android Secure Design / Secure Coding Guidebook
The Android Secure Design / Secure Coding Guidebook, Defect Standard for Android developer in Japan
8
June 2012 November 2012 April 2013 July 2014 June 2015 February 2016
Updated one to two times annually
Copyright 2016 Sony Digital Network Applications, Inc.
Evidence exporting functionality
9
Test results may be exported to Excel. The resulting spreadsheet may be used as evidence that an application was developed in compliance with the JSSEC secure coding guidebook
Export
Copyright 2016 Sony Digital Network Applications, Inc.
Customer Benefit
10
Allows for tests to be conducted multiple times though out the development
process.
So that pre-release trouble can be minimized
Helps developers find security issues in their code as early as possible
And gives the management team the ability to visualize and keep track of
current security activities and trends
Copyright 2016 Sony Digital Network Applications, Inc.
Our Costumers
11
around 100 listed companies Mobile operation companies
Major game companies
Electronic companies
And variety of industries companies.
Copyright 2016 Sony Digital Network Applications, Inc.
Free trial
12
Now offering free 4-week trials
https://freetrial.scc.sonydna.com/account/subscribe
Seeking for business partners !!
Copyright 2016 Sony Digital Network Applications, Inc.
How to contact us
13
Product website: http://www.sonydna.com/sdna/e/solution/scc.html Android Security Report http://www.sonydna.com/sdna/e/solution/AndroidSecutiryReport_en_160325Link.pdf Secure Coding Guide www.jssec.org/dl/android_securecoding_en.pdf Sony Digital Network Applications, Inc. Secure Coding Checker Department [email protected]
Sony is a trademark of Sony corporation. Other Sony product or service names are trademarks or registered trademarks of Sony Corporation or each Sony group company.
All other trademarks or registered trademarks are the property of their respective owners.
Sony Digital Network Applications, Inc.
21-28 Higashigotanda 2-chome, Shinagawa-ku, Tokyo, 141-0022 Japan TEL:+81-50-3750-1897
Copyright 2016 Sony Digital Network Applications, Inc. 14