Code Dx Version 1.5 Offers Small and Medium-Sized Businesses an Easy and Affordable Way to Test the Software They Build or Buy for Vulnerabilities
NORTHPORT, NY–(Marketwired – Oct 8, 2014) – Code Dx, a provider of a robust suite of fast and affordable tools that help software developers and security analysts find, prioritize and visualize software vulnerabilities, today announced the release of Code Dx® Version 1.5 to meet the ever-growing threat of computer attacks initiated through exploitation of vulnerabilities in software. The newest version of this software assurance analytics solution includes an expanded set of tools and increased performance and usability features allowing software developers to easily consolidate and normalize software vulnerabilities detected by multiple static application security testing (SAST) tools.
Studies show that more than 80 percent of computer attacks are traceable to vulnerabilities in software inadvertently placed there during the development cycle. Code Dx now helps developers and security analysts find, prioritize and visualize vulnerabilities in Java, C++, C#, and Ruby on Rails source code.
Developed under the Department of Homeland Security (DHS) Science & Technology (S&T) Directorate Small Business Innovative Research (SBIR) program, Code Dx’s visual analytics help engineering professionals — including Software Developers, Security Auditors, Compliance Officers, and Quality Assurance Engineers — triage and prioritize detected software vulnerabilities for effective remediation. It has been featured on DHS’s Software and Supply Chain Assurance website.
“This new version offers significantly enhanced features and functionality over our previous versions,” said Anita D’Amico, director of Secure Decisions, the company that developed Code Dx. “We have listened carefully to our customers to understand their needs and have expanded our suite of software assurance analytics tools to help minimize weaknesses in their software. Our clients are getting better coverage, have one interface for results and are more easily able to prioritize issues that need resolution. We have also broken the cost barrier that has prevented many small and medium size businesses from deploying expensive commercial application security testing tools.”
Code Dx Version 1.5 now leverages the open-source tool Brakeman providing added support for the popular Ruby on Rails web development language. The new version also offers Checkstyle, a Java tool that enables increased analysis for Java source code. Checkstyle is the third Java tool in the Code Dx solution suite increasing coverage and identification of weaknesses.
Significant performance improvements have also been made in Version 1.5 allowing users to conduct the triage analysis process much faster. As developers running multiple analysis tools are overwhelmed with findings, Code Dx provides configurable rule sets to help reduce false positives and enable users to easily focus in on serious weaknesses first. Additionally, Code Dx Version 1.5 provides a more seamless integration with other systems improving automated analysis through its extended API support.
Code Dx is a low cost and practical first step towards establishing a software assurance program within an organization or enhancing an existing software assurance program. Stat! Version 1.5 and Code Dx Enterprise Version 1.5 are available worldwide.
Code Dx Free 30-Day Trial
To download a trial of the Stat!, please visit: https://codedx.wpengine.com/download-free-trial or email [email protected]. To arrange for an evaluation copy of the Code Dx Enterprise, please email [email protected].
About Code Dx
Code Dx was launched as a product to provide an easy and affordable way for developers and security analysts to find vulnerabilities in software. It was built on a foundation of R&D performed by Secure Decisions, a division of Applied Visions, Inc., and funded by DHS S&T to help secure the software supply chain. For more information, please visit www.codedx.com or contact Code Dx at (631) 759-3993 or via [email protected].
All trademarks, trade names, service marks, and logos referenced herein belong to their respective parties.
A&E Communications, Inc.