UBsecure : Specialist in Application Vulnerability Scanning

Over the past few years, most enterprises have been accelerating their digital transformation by adopting leading-edge ICT technologies like cloud computing, IoT, Big Data, and more. These technologies are further enhanced rapidly through virtual applications. These are the next step in this revolutionary stride for sustained improvement. Also, the onset of COVID-19 has encouraged organizations to use contactless digital services. This rise in the popularity of virtual applications acts as a double-edged sword—it offers a broader reach, supports remote working trends, and exposes them to the vulnerable virtual world. It is highly essential to ensure that virtual applications are appropriately designed and implemented in such a scenario. A poorly constructed software can degrade performance, stability, and security, while driving up maintenance costs, delaying releases, and, at worst, bringing down entire systems. Also, from the moment these applications are released, attackers scrutinize the system thoroughly and attempt to exploit the slightest flaw. To counter this issue, organizations have to conduct a security assessment for web applications before the release to detect common vulnerabilities listed in OWASP Top 10 and discover security design flaws specific to the application, leading to unauthorized access.

This is precisely where UBsecure steps up with its robust, state-of-the-art application security scanner, "Vex" (Vulnerability Explorer), enabling customers to carry out security testing by themselves. Based on its corporate slogan, "Get security easier, Go enjoy your life," the company intends to provide services and products capable of removing the "difficult, troublesome, and frustrating" elements of security. "Our goal is to make security easier and contribute to the sustainable development of the world by creating unique security services that have yet to be seen in the world, based on our software development ability and investigative skills as a white hacker," states Kotaro Kando, president of UBsecure.

UBsecure's flagship product, Vex, is specifically designed for web applications and has the largest commercial market share in Japan.

"Vex" has been continuously improved to meet the needs of security teams. One of the notable features of Vex is that it is possible to reproduce screen transitions of various web applications and detect vulnerabilities without overlooking them. If a single vulnerability remains, it can be exploited to attack the application, no matter how strongly the other parts are protected.


The uniqueness of UBsecure is that the company not just develops the product and delivers but regularly uses it to provide security and penetration testing services. The team looks at their product from the user's perspective.

This approach helps them constantly evaluate and provide feedback on the feature and performance, leading to the improvement of the product. In addition, several security vendors have adopted "Vex" to use it as their standard security tool. The reviews and feedback from these vendors allow UBsecure to strengthen its product. "We believe that we have gained their trust and by using their feedback we enhance the features. We also generously share our knowledge and experience of security in order to give back to society," asserts Kando.

With the growing need for third-party security assessment services, UBsecure frequently receives inquiries from companies who desire to launch their security testing services. In cybersecurity events, they often provide hands-on training for web application security testing using Vex. Some participants expressed their interest in offering Vex-based security testing services to their customers, and UBsecure supported them in launching their services by providing training and certification (Vex Certification) on Vex-based security testing and know-how of all aspects of security testing services. With such rigorous training, several companies have been able to start their services.

All-in-all, UBsecure is heading toward a bright and secure future with its application security scanner solution. The company plans to integrate security into the application process from the beginning of the development lifecycle for the road ahead. UBsecure is dedicated to providing solutions that allow security and development teams to work collaboratively to eliminate vulnerabilities instead of opposing each other.

As a part of the expansion plan, UBsecure is currently focused on extending its business mainly in APAC countries. They will provide the product and know-how to companies that desire to launch a team-based security testing service rather than an individual-based one. "We are also planning to start offering a SaaS-type service that enables developers to repeatedly test their own systems under development. We would like to contribute to companies to develop an environment where the security and the development teams share responsibilities and work together to maintain safe and secure applications," concludes Kando.