If you would like more information about the profile please click
. You will be directed to a new page where you will need
to provide some information about yourself/your business cooperation needs and submit
your expression of interest in the profile . A Network Partner will then contact
you to discuss your interest in greater detail.
A French software editor operating in the field of cybersecurity (application security) is looking for partners in Information and Communication Technologies (ICT) sector.
The partners will help their clients who need support in mastering the cyber risk of the software applications they develop or outsource. The partnership will be a services agreement.
The company is a start-up established in 2017. The founders are specialists in cybersecurity and code auditing thanks several years of experience in this field.
The French company has developed an innovative software: a new generation source code scanner. This innovative tool is used for smart detection of vulnerabilities in the source code of software developments.
The tool supports all stakeholders in applications development, in deploying "security and privacy by design" best practices and processes.
Applying security and privacy by design principles to software development is made possible from the very first line of code with using source code scanners.
Based on Static Application Security Testing (SAST) technologies, all developers face the same dilemma: these SAST technologies provide a huge volume of information to the user among which a significant part is irrelevant (false positives and duplicates). Developers need huge manual work to qualify the warnings prior to start fixing the issues.
The scanner developed by the French start-up moves that dilemma one step forward and focusses the user much faster on the most critical issues in his context. Merging SAST with machine learning enhances the efficiency of source code vulnerability detection, with automated qualification of the warnings released by static analysis and then offering more relevant information and less time wasted for the user.
For procurement, the software helps to qualify the overall security level of their outsourced developments before delivery acceptance,
For DevOps (software development and operations), the software let developers benefit from an efficient tool for their code reviews (desktop / continuous integration),
For cyber auditors & service providers, the software brings optimization with unprecedented code mining and customization capabilities.
Among its functionalities:
• Source code scanning and efficient detection of software vulnerabilities
• Vulnerability prioritization
• Contextual detection of data flaws
• False positives reduction of the SAST warnings
• Executive dashboards to have a view on the overall security level of an application (or a set of applications)
• Advanced diagnostics of the found vulnerabilities
• Code mining functionalities
• High level of customization capabilities allowing users to adapt the tool to their own coding best practices
• Contextual remediation support
• Educational explanations
The French company would like to find partners such as services provider who can promote and install its innovative source code scanner for applications editors, integrators, services providers through a services agreement.
By integrating machine learning with static analysis (SAST), this French company’s technology overcomes the recurring difficulties of source code scanning. It brings greater efficiency and increases the relevance of code review / audits, and allows for overall assessment of the security level of outsourced developments.
The machine learning implementation of the French start-up brings several differentiators among which:
- an unprecedented capability to reduce false positives from static analysis, thus avoiding to pollute the users with erroneous warnings as well as duplicates,
- a high capability to take the user context into account and fine tune the vulnerability analysis to the application and to the end users' business,
- a new approach of source code scanning based on business semantics,
- a pedagogic tool which shows advanced human oriented diagnostics to the users,
- contextual remediation functionalities to help the user to find efficient ways to fix the vulnerabilities,
- advanced code mining functionalities to help auditors in their investigations.
When the tool is delivered pre-trained, machine learning remains available to the user who benefits from powerful functionalities of customization.
The French start-up is looking for partners specialized in ICT sector with recognized technical competences in software development and cyber-security.
The partner has to be able to install the French company’s software and advise and train its clients to use it.
The potential partner must have also a good knowledge of its market.
The source code scanner of the start-up is used by a well-known telephone operator in France.
The partners can be applications editors, integrators, IT services providers who will have to propose this source code scanner application to their clients who need to have a tool to check the security of the applications they develop or outsource.
The partners will support their clients with installation of the software and will advise and train them.
The type of partnership between the French company and the partner will be a services agreement.