Code Dx® Version 1.7 Protects Software Supply Chain with Increased Functionality

by | May 4, 2015 | Press Releases

Share This Story, Choose Your Platform

Download full text

New Version Supports Dependency-Check, Retire.js, Pylint and Checkmarx Further Expanding Vulnerability Coverage

NORTHPORT, NY, May 4, 2015Code Dx, Inc., a provider of a robust suite of fast and affordable tools that help software developers and security analysts find, prioritize and visualize software vulnerabilities, today announced the newest version of its software security toolset, Code Dx® Version 1.7. This new version includes three new bundled tools, two for detecting the use of known vulnerable components: Dependency-Check for Java and .NET dependencies and Retire.js for JavaScript libraries used on the web and in Node.js applications, as well as support for Python code base scanning with the bundling of Pylint. This new version of Code Dx also includes the ability to ingest the results of the Checkmarx source code analysis tool.

“Securing the software supply chain is an increasingly critical issue for the software industry,” said Anita D’Amico, Ph.D., CEO of Code Dx. “We continue to enhance the functionality of Code Dx to enable software developers and software purchasers using different coding languages to easily and affordably test their software for potential vulnerabilities to attack. This newest version of Code Dx now offers these users the ability to check the vulnerability status of third-party software components embedded in the software, in addition to finding vulnerabilities in custom code.”

Code Dx Version 1.7 offers numerous enhancements from the previous version. The three key additions include:

  • Checking for use of components with known vulnerabilities – Dependency-Check, an Open Web Application Security Project (OWASP) Foundation tool, identifies project dependencies and checks for any known, publicly disclosed, vulnerabilities. In this release, Code Dx is bundling Dependency-Check for Java and .NET dependencies and Retire.js for JavaScript libraries used on the web and in Node.js applications. Code Dx will now automatically run these tools on user-provided inputs to determine if any known vulnerabilities exist that may impact their software development project.
  • Pylint – This tool checks for potential vulnerabilities in the Python code base – extending the breadth of programming languages Code Dx supports.
  • Checkmarx – This powerful source code analysis tool is now supported by the Code Dx Enterprise. It is an internationally used, automated scanning technology that offers robust functionality to enable developers and auditors to easily scan code and eliminate software risk.

“Layered security is a must when protecting the enterprise’s assets,” said Amit Ashbel, product marketing manager at Checkmarx. “We are glad to cooperate with Code Dx to enable organizations with application security awareness to combine Checkmarx’s powerful source code scanning capabilities with a variety of market solutions.”

Code Dx is a low cost and practical first step towards establishing a software assurance program within an organization or enhancing an existing software assurance program.  Stat! Version 1.7 and Code Dx Enterprise Version 1.7 are available worldwide.

 Code Dx Free 30-Day Trial:
To download a trial of the Stat!, please visit: or email [email protected]. To arrange for an evaluation copy of the Code Dx Enterprise, please email [email protected].

 Press Inquiries:
Karen Higgins
A&E Communications, Inc.
[email protected]

About Code Dx
Code Dx, Inc. is a provider of easy and affordable solutions to enable developers and security analysts to find vulnerabilities in software. The core technology was partially funded by DHS Science & Technology to help secure the nation’s software supply chain. For more information, please visit or contact Code Dx at (631) 759-3993 or via email at [email protected].

All trademarks, trade names, service marks, and logos referenced herein belong to their respective parties.

Share This Story, Choose Your Platform