Download full text
SAN FRANCISCO, CALIF. and NORTHPORT, N.Y. – February 13, 2017 – (RSA Conference 2017 Meeting Suite WES-19) – Code Dx, Inc., a provider of an award-winning suite of time-saving and easy-to-use tools that help software developers, testers and security analysts find, prioritize and manage software vulnerabilities, today announced the availability of Code Dx 2.4. The new version adds support for Contrast Security’s Assess IAST (Interactive Application Security Testing) solution further improving the quality of an organization’s Application Security Testing (AST) results. Other features have been added to help users better track their progress in remediating the flaws and vulnerabilities that they have found in their applications.
Code Dx already supports more than 40 AST tools and various techniques, including Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), manual inspection, and third-party component analysis. Now, in version 2.4, through its partnership with Contrast Security, Code Dx supports IAST, which combines static and dynamic AST methods to enhance testing results by detecting vulnerabilities from within a running application.
“We have made it simple for our end users to leverage the power of Contrast Security’s Assess IAST solution. They can automatically pull results from Assess IAST on a continuous basis without downloading and then uploading scan results each time. They simply open Code Dx and the latest results are there,” said Ken Prole, CTO for Code Dx. “We also made other enhancements to Code Dx to improve the value Code Dx offers its users by adding new filters for temporal analysis of findings across scans. These filters help users better understand the results and how to optimize their AST processes.”
The new Age Filter in version 2.4 tracks how long a vulnerability has been in the queue to be resolved, helping organizations better understand bottlenecks in their processes. Code Dx not only allows users to view vulnerabilities based on age, but also enables the combination of the data with other filters, such as cross-referencing it with high-severity vulnerabilities.
Code Dx 2.4 also offers Time/Version Filters. These temporal filters help users understand how many new findings have been added since the last analysis, with the last code commit, between a certain timeframe, between two versions, or during development versus post-release.
Code Dx offers easy solutions for establishing a software assurance program within an organization, or enhancing an existing software assurance program. Stat! from Code Dx is a quick and low-cost tool to get started finding and managing quality flaws and security vulnerabilities through static code analysis. Code Dx Enterprise automates the correlation and management of flaws and vulnerabilities from more than 40 static, dynamic and interactive tools, as well as from your own manual code analysis. These solutions are available worldwide.
Code Dx Free Evaluation:
To request a free trial of either Stat! or Code Dx Enterprise, please visit: https://codedx.com/free-trial/ or email firstname.lastname@example.org.
About Code Dx
Code Dx, Inc. is a leading provider of easy-to-use application vulnerability correlation and management systems that enable software developers, testers and security analysts to find and manage vulnerabilities in software. The award-winning Code Dx Enterprise solution integrates the results of multiple static, dynamic and interactive Application Security Testing (AST) tools, third-party component analyzers, and manual reviews into a consolidated set of results for quick and easy triage, prioritization and remediation. The core technology was partially funded by Department of Homeland Security Science & Technology (DHS S&T) to help secure the nation’s software supply chain. For more information, please visit www.codedx.com or contact Code Dx at (631) 759-3993 or at Info@CodeDx.com.
All trademarks, trade names, service marks, and logos referenced herein belong to their respective parties.
A&E Communications, Inc.