Analyze source code for security vulnerabilities


  • Semantic Analysis
  • Drag & Drop Instant Analysis
  • Incremental Analysis


  • Active Suggestion
  • Advanced Issue Filtering
  • Intelligent Issue Clustering


  • Customizable Reporting (PDF, Excel, Word)
  • Dynamic Policy Enforcement
  • Alert/ Download Center

Flexible integration with process and development environment

  • Integration with developer IDEs

    Sparrows enables developers to analyze the source code and issues frequently with IDE

  • Integration with transfer control system

    Escalate only source code that is not problematic from the transfer control system

  • Integration with Build System

    Integration with build systems enables periodic source code checkup and code change

Key Feature

  • Web management

    • Dashboard for analysis result management and statistics
    • Centralized rule (Checker) management based on information including risk levels, option and other.
  • Integration with other solutions

    • Transfer control via integration with source code version controls
    • Automated management via integration with Build Management Tool (Continuous Integration) and Issue Tracking System (ITS)
    • Hybrid analysis by interaction with DAST, and RASP
  • Dashboard and statistics

    • Dashboard offers various information including analysis/usage progress, source code status, project risk level and more
    • Analysis result history by time frame
    • Provide daily and accumulated status and statistics by tasks/ division/ user
  • Customizable report

    • Ability to edit project summary information, analysis file information, results by risk, Top 10, violation reference, etc.
    • Reports (PDF, Excel, Word, HWP)
  • Analysis history management

    • Able to differentiate new issues from older issues by comparing the results with prior analysis results
    • Preserve analysis result even if source code are changed
    • Prevention of unauthorized use or tempering through provision of exception request/approve process
  • Various analysis methods

    • Easy to use GUI that enables analysis with a simple click
    • CLI that enables batch and scheduling analysis
    • Plugin that can be installed in development IDE to enable analysis and result checking
    • Simple drag and drop analysis via web management system without separate client program


On Cloud
On Premise
Saas Subscription USD ($) KRW (₩) Buy
Bronze package 1 User 7 days subscription USD$ 900 KRW₩ 900,000 Buy now
Silver package 2 User 30 days subscription USD$ 1,500 KRW₩ 1,500,000 Buy now
Gold package 5 User 365 days subscription USD$ 9,000 KRW₩ 9,000,000 Buy now
On Premise   Perpetual License
Standard (Upto 5 users)
Additional Users
SAST + SAQT edition

Supported Environment

• Language

Java, JSP, JavaScript, C/C++, PHP, C#, ASP(.NET), VB(.NET), VBS, SQL, XML, ABAP, SWIFT, HTML, Android Java, Objective-C, Python and more

• OS

- Server : Windows, Linux (RedHat, Debian)
- Client : Windows, Linux(RedHat, Debian), AIX, HP-UX, Solaris, MacOS

• Framework

Spring, Struts2, IBATIS / MYBATIS, Tmax ProFrame, MiPlatform, XPlatform, Nexacro

• IDE Plugin

Eclipse, Visual Studio, IntelliJ, Android Studio, ProFrame Studio, IBM RAD

Guide / Standards





• BSSC C/C++

• HIC C++ and more

Products Security Quality