NORTHPORT, N.Y. – April 22, 2020 – Code Dx, Inc., a provider of an award-winning application security management solution that automates and accelerates the discovery, prioritization, and risk management of software vulnerabilities, today announced a new Tool Orchestration capability, now available as an extension to Code Dx Enterprise 5.0. This new feature centralizes the running of AppSec tools at scale, saving software developers and security professionals significant labor hours.
Security testing tools are difficult to onboard and maintain, especially within a DevOps build pipeline. This new orchestration capability in Code Dx Enterprise centralizes and harmonizes application security testing across all development pipelines into a scalable, repeatable, and automated process enterprise-wide.
“There is an extremely low ratio of security staff to developers—about 75 developers for every security professional—and we’re living in a world of rapid application development. Releases come quickly, and the only way for security professionals to keep pace is through automation,” explained Code Dx CTO Ken Prole. “Code Dx Enterprise makes it possible to do application security testing at DevOps speed—and, more importantly, DevOps scale. The AppSec tool integration service is highly optimized for scalability purposes, and lets users automatically run 16 bundled open source tools right out of the box, but also run commercial static (SAST) and dynamic AppSec testing (DAST) tools. The major improvement in this latest release is that end-users can set up orchestration for any tool they want to use, whether it’s commercial, open-source, or an in-house solution. Code Dx is the only AppSec vulnerability management platform that has a capability this powerful.”
Code Dx 5.0 with the Tool Orchestration services leverages Kubernetes and Docker containers, allowing for DevOps processes to truly scale up their AppSec program and run extensive tests across all their build servers without sacrificing development speed.
The new orchestration capability will ease the onboarding of new applications into a security pipeline; allow organizations to orchestrate any AppSec testing tool they want to use; save months of time in installing, configuring, and updating tools; ease the friction between developers and security professionals; standardize processes across the entire enterprise; enable parallelized security testing that is horizontally scalable and resilient; and shift security to the left in the development process by providing self-service testing for developers.
“The easier we make AppSec testing for developers, the earlier it will take place in the development lifecycle,” added Prole. “This will help to identify vulnerabilities earlier and verify the findings are not false positives before sending them back to the developers to fix. Automating the management of multiple AppSec tools across an enterprise provides the necessary time savings to let security professionals keep pace with the rapid development process and ensure their applications are secure.”
Code Dx Enterprise 5.0 is available now. Visit www.codedx.com to learn more.
About Code Dx
Code Dx, Inc. provides an award-winning application security management solution that automates and accelerates the discovery, prioritization, and risk management of software vulnerabilities. The Code Dx Enterprise solution orchestrates Application Security Testing (AST) tools, consolidates the results into a single view for quick and easy prioritization and remediation, and provides reports and AppSec metrics for tracking the processes and progress of an AppSec team. The core technology was partially funded by the Department of Homeland Security Science & Technology (DHS S&T) to help secure the nation’s software supply chain. For more information, please contact Code Dx at (631) 759-3993 or [email protected].
All trademarks, trade names, service marks, and logos referenced herein belong to their respective parties.
A&E Communications for Code Dx, Inc.