TMCnet News

Code Dx(R) Pushes the Limits of Application Security Testing and SAST Tool Integration With Version 1.5
[October 08, 2014]



(Marketwire Via Acquire Media NewsEdge) NORTHPORT, NY -- (Marketwired) -- 10/08/14 -- Code Dx, a provider of a robust suite of fast and affordable tools that help software developers and security analysts find, prioritize and visualize software vulnerabilities, today announced the release of Code Dx® Version 1.5 to meet the ever-growing threat of computer attacks initiated through exploitation of vulnerabilities in software. The newest version of this software assurance analytics solution includes an expanded set of tools and increased performance and usability features allowing software developers to easily consolidate and normalize software vulnerabilities detected by multiple static application security testing (SAST) tools.



Studies show that more than 80 percent of computer attacks are traceable to vulnerabilities in software inadvertently placed there during the development cycle. Code Dx now helps developers and security analysts find, prioritize and visualize vulnerabilities in Java, C++, C#, and Ruby on Rails source code.

Developed under the Department of Homeland Security (DHS) Science & Technology (S&T) Directorate Small Business Innovative Research (SBIR) program, Code Dx's visual analytics help engineering professionals -- including Software Developers, Security Auditors, Compliance Officers, and Quality Assurance Engineers -- triage and prioritize detected software vulnerabilities for effective remediation. It has been featured on DHS's Software and Supply Chain Assurance website.


"This new version offers significantly enhanced features and functionality over our previous versions," said Anita D'Amico, director of Secure Decisions, the company that developed Code Dx. "We have listened carefully to our customers to understand their needs and have expanded our suite of software assurance analytics tools to help minimize weaknesses in their software. Our clients are getting better coverage, have one interface for results and are more easily able to prioritize issues that need resolution. We have also broken the cost barrier that has prevented many small and medium size businesses from deploying expensive commercial application security testing tools."

Code Dx Version 1.5 now leverages the open source tool Brakeman, providing added support for the popular Ruby on Rails web development language. The new version also offers Checkstyle, a Java tool that enables increased analysis for Java source code. Checkstyle is the third Java tool in the Code Dx solution suite, increasing coverage and identification of weaknesses.

Significant performance improvements have also been made in Version 1.5 allowing users to conduct the triage analysis process much faster. As developers running multiple analysis tools are overwhelmed with findings, Code Dx provides configurable rule sets to help reduce false positives and enable users to easily focus in on serious weaknesses first. Additionally, Code Dx Version 1.5 provides a more seamless integration with other systems improving automated analysis through its extended API support.

Availability: Code Dx is a low cost and practical first step towards establishing a software assurance program within an organization or enhancing an existing software assurance program. Code Dx Standard Edition Version 1.5 and Code Dx Enterprise Edition Version 1.5 are available worldwide.

Code Dx Free 30-Day Trial: To download a trial of the Code Dx Standard Edition, please visit: http://codedx.com/download-free-trial or email [email protected]. To arrange for an evaluation copy of the Code Dx Enterprise Edition, please email [email protected].

About Code Dx: Code Dx was launched as a product to provide an easy and affordable way for developers and security analysts to find vulnerabilities in software. It was built on a foundation of R&D performed by Secure Decisions, a division of Applied Visions, Inc., and funded by DHS S&T to help secure the software supply chain. For more information, please visit www.codedx.com or contact Code Dx at (631) 759-3993 or via [email protected].

Keywords: software assurance, application security testing, application security, cyber security, DHS, risk management, SAST, Code Dx, Secure Decisions, software security, static analysis, static source code analysis, open source static analysis tools, visual analytics, visualization.

All trademarks, trade names, service marks, and logos referenced herein belong to their respective parties.

Press Inquiries: Karen Higgins, A&E Communications, Inc., 610-831-5723

Source: Code Dx
