An Application Vulnerability
Correlation and Management System

Find, prioritize, and manage software vulnerabilities – fast and affordably

See how it works...

Remembering Rebecca “Becky” Bace

March 14, 2017

It is with great sorrow that we note the passing of Becky Bace, a member of our Advisory Board. Becky was a pioneer of cyber security technology, working on early intrusion detection systems at NSA. She later helped fund other security innovators through her work at In-Q-Tel and Trident Capital, where she oversaw one of the largest cyber security investment portfolios in Silicon Valley. In her last few years she has been helping build the University of South Alabama Center for Forensics, Information Technology and Security. She innovated relentlessly, and helped shape the future of cyber security. Her Influence will be felt for decades to come.

Becky has always been a mentor. She generously gave her time to young people and young companies like us, sharing wisdom and helping us positively affect the security and economy of our country. She actively encouraged others to use their talents and influence for positive change, and Becky herself walked that walk. As an Advisor to Code Dx she was available when we needed guidance, calling in from wherever she was—a highway rest stop, an airport— to answer questions, make introductions, and help shape our vision.

Becky has been named one of the “Five Most Influential Women in Security” by SC Magazine. But to many of us that she mentored, she was and always will be “Mama Bear.” We will miss her. Read More


As seen in:

Key Features


Security and Quality Checks Configures and runs many bundled static analysis tools with more than 1,500 configurable rules with support for C, C++, C#, Java, JavaScript, JSP, PHP, Python, Rails, Ruby, Scala, and VB.NET.

Reporting Generates and shares your findings with PDF, XML, CSV, AlienVault/NBE and Nessus reports, pushes results to developer IDEs, creates JIRA issues, or our REST API can be used to integrate with other systems.

Automation Catches issues early and often by automating continuous application security. Our Jenkins and REST APIs fit well within DevOps teams.

Unified Results One interface for your consolidated set of results from SAST, IAST, and manual findings, with duplicates merged using our customizable correlation engine.

Standardization Communicates findings consistently from any tool with support for CWE and many other industry standards such as HIPAA, DISA STIGs, OWASP Top 10, SANS Top 25, and PCI-DSS.

Installation in minutes Deploys full stack in minutes for Windows, Mac, and Linux, with VM and cloud deployments available as well.

Triage and Remediation Filters and prioritizes the issues that matter most and provides developers with customizable remediation guidance.

SDLC Integration Integrates directly into your existing workflow with support for Eclipse, Visual Studio, Git, Jenkins, and JIRA.

Integration with all your tools Supports most commercial and open source tools. Quick and easy to integrate.

READY TO HAVE SECURE CODE?

Your first 14 days are on us.

WordPress Lightbox Plugin