There are many application security techniques available today, but not all software security vulnerabilities can be found by any one of them. Every detection technique has its advantages and disadvantages and such tools are mutually complementary; using them in conjunction creates a more comprehensive safety net. Code Dx, Inc. was founded on the principle that application vulnerability management should be an integral part of the software development process, and that can only happen if it is convenient and logical. This approach helps developers and security professionals make their software as secure as possible using an integrated collection of open-source and commercial tools.
Code Dx built its flagship product, Code Dx Enterprise, to combine and correlate different tools and techniques under one software vulnerability management system. The advantage is that one set of results are consolidated across tools, one user interface, one reporting function, and a central method for prioritizing and assigning vulnerabilities for remediation. Developers and security analysts can use these reports and Code Dx’s remediation guidance to coordinate and decide which vulnerabilities to fix first, and streamline the tracking of their remediation.
A Strong Leadership Foundation
Anita D’Amico is the CEO of Code Dx. She has a unique background as a human factors psychologist, cybersecurity situational awareness specialist, and a security researcher. This exceptionally diverse background and Anita’s ability to develop a vision and fuel it with energy, good communication, and effective leadership has propelled Code Dx to where it is today.
Under her leadership, Code Dx has developed innovative application vulnerability correlation and management solutions that are breaking down barriers to using Application Security Testing (AST) tools and processes, and enabling organizations to protect against software vulnerabilities.
Driven by the Word ‘Together’
While the industry is working hard to deliver powerful AST tools, Code Dx Enterprise is different because of its focus on making those tools work together to produce better, actionable results even faster and with less effort. Thus, customers see Code Dx Enterprise as a value multiplier for their existing AST investments.
Code Dx Enterprise automatically configures and runs 15 different open-source AST tools directly from within the solution. When customers feed their code into Code Dx Enterprise, it automatically identifies the language, then selects and runs an appropriate set of open-source tools to find vulnerabilities in their code as well as third-party libraries, and then consolidates the results. Code Dx Enterprise also seamlessly integrates with a wide variety of the industry’s best commercial static, dynamic, and interactive AST tools. Merging open-source results with tools that they already know and like extends the value of their AppSec investment.
Code Dx Enterprise also stands out with its seamless integration into the software development processes. It assimilates effortlessly with several integrated development environments (IDEs), build servers like Jenkins, and issue trackers like Jira. Code Dx has also made considerable effort in the past two years to be easily adopted into the DevOps process.
Vulnerability Correlation and Management Solutions
Code Dx fills a critical hole in the cybersecurity market with its software vulnerability correlation and management solutions. The company’s team of expert developers has created high-value software systems for demanding commercial and government customers, and they participate in complex cybersecurity research and development work for various government agencies. As a result, Code Dx understands the real-world challenges faced by software developers and security analysts in securing their software. Its team of tool developers and application security specialists is dedicated to providing the tools, techniques, and support needed by application developers to assure the security of their software products and services. The team’s emphasis is on building a safer software security supply chain.
Code Dx’s collaboration with clients and government research sponsors over the year have given it the knowledge and expertise to build futuristic solutions in real-time, and provide top-notch customer service and support as well.
Anita adds, “Code Dx Enterprise saves time and valuable resources needed to secure your applications, whether you are just getting started or have a mature application security practice, by streamlining software vulnerability management through all its phases: discovery, consolidation, triage, prioritization, and remediation.”
Code Dx is committed to providing the highest level of support to its customers, who mostly specialize in shipping software products but opt for security because it is important to those products and their clients who use them. Hence, Code Dx extends its support beyond just helping its customers to use its tools effectively. The company also advises them on how best to approach application security and build secure software in the development process. This comprehensive approach has enabled Code Dx to sustain and build upon its long-term global and regional partnerships.
New Opportunities in Cybersecurity
The security services sector will continue to grow as more people understand and accept that conducting business in the internet age is fraught with cybersecurity risks. However, Code Dx has also seen that enterprises are beginning to accept responsibility for ensuring their own security, and bringing many of the activities previously given to the service sector in-house. These evolutions are creating new opportunities for security service providers like Code Dx who are adapting to the new tools and supporting their application security needs to leverage their processes.