Code Dx is excited to announce Code Dx Enterprise 3.0, the latest version of our Application Vulnerability Correlation and Management (AVCM) tool. The new release brings the highest level of efficiency to application security testing in the industry to date. Code Dx will be demonstrating these new features at the RSA Conference in San Francisco. We invite you to come visit our booth to see how you can streamline your own application security vulnerability testing and management process.

Streamlining application security testing like never before

Code Dx Enterprise 3.0 makes Hybrid Application Security Analysis a reality. We know the importance of using both Static Application Security Testing (SAST) tools and Dynamic Application Security Testing (DAST) tools. SAST tools identify potential vulnerabilities by testing the application code from the inside. DAST tools test the application’s operation from the outside, just as a hacker would challenge it. So even though your SAST tools may identify a number of vulnerabilities, you need the results from DAST tools to determine which of those many vulnerabilities are actually exploitable.

It can be a challenge to sort through and correlate the results from multiple tools and various techniques. Code Dx was developed to automate this correlation of results from SAST tools and DAST tools. The results from each type of tool are normalized, duplicates are removed, and severity levels are identified.

The Hybrid Analysis in our Version 3.0 delivers the ultimate in AVCM tools, correlating the results of SAST and DAST tools together. Merging these results is a critical step in proper application security testing that Code Dx is proud to now offer. Code Dx is the first in the application security testing industry to deliver the kind of in-depth insight to the execution of your code that you need to really benefit from Hybrid Analysis. It will enable you to prioritize vulnerabilities faster and more accurately, so you can focus your resources on remediation.

Code Dx Enterprise 3.0 supports and integrates with more than 30 commercial and open-source SAST, DAST, and IAST tools and techniques. Version 3.0 also includes the addition of:

  • ESLint – the pluggable linting utility for JavaScript and JSX.
  • Cigital (part of Synopsis) Cedar – on-demand penetration testing tool.

See it in action at the RSA Conference 2018

Want to see how it all works in action? Come see us at the RSA Conference. We will be showing off the latest version of our AVCM tool at our booth – #ESE-07 – in the Marriott Early Stage Expo. This area is devoted to emerging start-ups, and we are excited to be able to show off our ground-breaking technology. Additionally, we’ll be in the DHS Science & Technology Booth #1839 South, and in a suite at the Marriott Marquis, providing scheduled presentations.

Code Dx was also just announced as a finalist for the 2018 InfoSec Awards. The finalists were selected by Cyber Defense Magazine from a group of over 3,000 companies, with a focus is on innovators in information security. The winner will be announced at the RSA Conference on April 16th – perfect timing for the launch of our latest flagship tool.

The RSA Conference runs from April 16–20, and is the place to learn about the latest issues and technologies around information security. We are looking forward to several items on the agenda this year, including the talk on the emergent cloud security toolchain for Continuous Integration/Continuous Deployment. We encourage you to stop by and see how our newest capabilities can empower you to conduct thorough application security testing without the resource drain of sorting, correlating, and prioritizing results. Let us show you how comprehensive, yet painless, the application security testing process can be.

%d bloggers like this: