Scantist’s main mission is to help organizations use open source freely and securely while staying legally compliant. Building on our extensive research and deep scientific expertise as a spin-off from a security research lab in Nanyang Technological University, we advocate implementing security testing right from the initial phase of development. Our solutions recommend on remediating vulnerabilities in your open source code, with minimal interruption to your software developers.
Our users include governmental agencies, enterprises and SMEs.
Scantist graduated from the CYLON accelerator program organised by ICE71, won the CSA of Singapore’s Call for Innovation Grant in 2020 and received the National Cybersecurity Research Grant from the National Research Foundation of the Singapore PMO.
Scantist is also an industry collaborator to facilitate the National Integrated Centre of Evaluation’s (NICE) research into the use of a SCA tool as an application evaluation technique.
Scantist is the first Singapore company to be a member of the Open Source Security Foundation (OpenSSF), a Linux Foundation.
Scantist - the right fit for Govt Agencies
• Govtech SHIP-HAT list of defined DevSecOps tools including: SCA, DAST and SAST. Scantist technology started with SCA, and we integrate with strong partners that provide SAST and DAST solutions, such as Sonarqube and Webinspect.
• Targeted and Actionable Remediation: Scantist provides prioritise remediation for faster security fix time with recommended root-level fixes. With Single-click fixes for all vulnerabilities that developers can easily implement
• SaaS / On-premise: Scantist is providing a full SaaS SCA platform. On-premise deployments and private cloud deployments are fully supported.
• Binary Analysis: Scantist supports true binary analysis – going beyond strings and hashes and all things trivial to find open source risks.
• NTU-Scantist DevSecOps Professional & Tools: A SkillsFuture SG funded 4-days Course where you can learn how to improve your organization’s security posture with successful DevSecOps implementations.