Kestrel Technology (KT) specializes in sound semantic static analysis with applications in software security, reliability, and robustness. Our core technology is abstract interpretation, implemented in our highly optimized, language-independent abstract-interpretation engine.
Our mission is to develop software analysis tools that provide automated mathematical assurance of software correctness in a cost effective way, and to apply them to real world applications.
Our “Next Generation” Software Analysis Tool: CodeHawk
KT has developed a very high precision, automated, customizable and tunable static source code analyzer called CodeHawk. The CodeHawk C analyzer is targeted at proving the absence of memory access ("buffer overflow") vulnerabilities in C programs. The CodeHawk binary analyzer is targeted at providing general insight into the behavior of a binary executable and providing assistance in the identification of potential memory access violations.
Our Value Proposition to Customers
For C code vulnerabilities, such as buffer overflows, CodeHawk can automatically analyze C programs in minutes and supply proof-based evidence of software correctness. For customers doing code review to verify the absence of critical vulnerabilities in their code, CodeHawk is a powerful productivity tool. It can dramatically reduce the amount of code needed to be reviewed, by automatically proving the absence of the targeted vulnerabilities in large segments of the code.
For binary code, CodeHawk can dramatically reduce the time required for reverse engineering of the code by partially automating the process.
Ideal Target Solutions for CodeHawk
- Analyzing C source code to automatically prove the absence of targeted vulnerabilities to minimize the amount of code remaining for manual code review
- Analyzing C source code "benchmark programs" to establish "gold standards" to use in measuring the efficiency and strengths / weaknesses of currently in-use "bug-finder" static analysis tools
- For reverse engineering of binary code, use CodeHawk as a complimentary tool with IDA Pro to achieve a more in-depth and more precise analysis
Partnering with Kestrel Technology
- Customers interested in obtaining the C analyzer for use in their facilities
- Government agencies / commercial entities interested in funding KT to develop "gold standard benchmarks" to measure the efficiency and strengths / weaknesses of their existing static analysis tools
- Customers interested in obtaining the binary analyzer for use in their facilities