KnoRisk™ is an On-Premise, Software Assurance tool in the Static Application Security Testing (SAST) market. It combines best-in-class industry standard open source static, binary code and byte code scanners with additional scanners developed by Sentar along with a Console & Reporting Agent, tools agent wrappers and a Tools Abstraction Layer (TAL). Sentar developed the agents and TAL to provide a consistent User Interface (UI) and reporting format using a normalized risk assessment scoring range that is the same across all included tools. Additionally, Sentar’s TAL also provides for a faster integration of new tools into KnoRisk.
Sentar’s KnoRisk technology was developed under a large, multi-vendor Federal software development project. Information Assurance employees have been primary drivers of the development of Sentar’s Software Assurance SAST technology which is currently being enhanced under a new SBIR Phase II contract. Once completed, the majority of enhancements will also be rolled into an upcoming version of KnoRisk.