To detect defects in software, Yonita combines static and dynamic application testing. Static application testing is performed using a cutting-edge static analysis implemented in Yonita Code Scanner, whereas dynamic application testing is executed using Yonita Web Scanner.

Yonita Code Scanner

Semantic Engine

Semantic Engine consists of a semantic analyzer and an inference engine.

The semantic analyzer is responsible for parsing and in-depth analysis of a program, particularly identification of the elemental relationships between code constructs based on detailed call and data flow analysis. It employs an abstract interpretation technique with Yonita?s unique metamodel that enables efficient, accurate analysis of all execution paths in a program.

The inference engine is based on a deductive database; it stores a metamodel and infers its properties using the rules and queries from the Defects Knowledge Base.

Defects Knowledge Base

The Defects Knowledge Base contains a formal representation of defects, anti-patterns, and bad practices in software. It encompasses an exclusive source of knowledge that represents abstract concepts in terms of basic code constructs and elemental relationships.

Yonita Web Scanner

Yonita Smart Web Scanner is dedicated to scanning a web application for quality and security defects. It is based on automated tests generated by two cooperating components:

• Smart Test Generator that creates a test suite based on the discovered structure of a web application
• Randomized Data Generator that provides input data to the generated test scenarios to cover various execution paths and security vulnerabilities