Code Dx Version 2.3 Now Supports HIPAA and DISA STIG Compliance

Oct 26, 2016 | Press Releases

New Version of Application Vulnerability Correlation and Management Solution Includes Support for Sonatype Nexus, PHPMD, PHP_CodeSniffer, and Scalastyle

NORTHPORT, N.Y. – October 26, 2016 – Code Dx, Inc., a provider of an award-winning suite of fast and affordable tools that help software developers, testers and security analysts find, prioritize and manage software vulnerabilities, today announced the release of version 2.3 of its Application Vulnerability Correlation and Management Solution as part of Cyber Security Awareness Month (#CyberAware). This new version offers support for HIPAA (Health Insurance Portability and Accountability Act) and DISA STIGs (Defense Information Systems Agency Security Technical Implementation Guides), helping organizations to ensure their software complies with industry standards. Code Dx also supports PCI-DSS (Payment Card Industry Data Security Standard), OWASP Top 10 and SANS 25.

“Industry standards, such as HIPAA and DISA STIG, have become essential in safeguarding the mass quantities of confidential data stored in today’s information systems,” said Anita D’Amico, CEO for Code Dx. “By supporting these two standards, as well as other industry standards, our Application Vulnerability Correlation and Management solution helps healthcare, financial, government, and retail organizations more easily find, prioritize and remediate software vulnerabilities that may enable malicious hackers to gain access to confidential data – preventing the costly data breaches that have become all too common.”

Code Dx version 2.3 consists of a wide range of enhancements to make it easier and more affordable for organizations to protect their IT infrastructure. The major enhancements in Code Dx 2.3 include support for the following:

  • HIPAA – Code Dx version 2.3 maps an application’s vulnerabilities to HIPAA regulations. Users can filter on specific requirements within HIPAA and find the specific lines of code that violate that part of the regulation and then easily prioritize identified vulnerabilities for remediation.
  • DISA STIG Versions 3.1 & 4.0 – Similar to HIPAA and PCI-DSS, Code Dx maps an application’s vulnerabilities to the DISA STIG requirements allowing government users to ensure compliance with this industry standard.
  • Sonatype Nexus – Code Dx now supports bringing in results from the Nexus platform, which tests third-party components in applications for potential vulnerabilities and licensing violations.
  • PHP Mess Detector (MD) and PHP_CodeSniffer – Code Dx can now analyze PHP applications to look for potential quality or security problems in their source code.
  • Scalastyle – Code Dx users can now leverage the Scalastyle checker, which examines Scala code and indicates potential problems with it.
  • New Reporting Formats – Code Dx can now produce reports in AlienVault/NBE and Tenable Nessus output formats. These can be directly ingested into an AlienVault SIEM (Security Information and Event Management software), Nessus vulnerability scanner or other SIEM solutions that support the Nessus format.


Code Dx is a low cost and easy step towards establishing a software assurance program within an organization, or enhancing an existing software assurance program. Stat!, which focuses on static code analysis, and Code Dx Enterprise, which automates correlation and management of vulnerabilities from multiple static and dynamic tools, are available worldwide.

Code Dx Free 30-Day Trial:
To download a trial of Stat!, please visit: or email [email protected]. To arrange for an evaluation copy of Code Dx Enterprise, please email [email protected].

About Code Dx
Code Dx, Inc. is a leading provider of easy and affordable application vulnerability correlation and management systems that enable software developers, testers and security analysts to find and manage vulnerabilities in software. The award-winning Code Dx solution integrates the results of multiple static and dynamic Application Security Testing (AST) tools and manual reviews into a consolidated set of results for quick and easy triage, prioritization and remediation. The core technology was partially funded by Department of Homeland Security Science & Technology (DHS S&T) to help secure the nation’s software supply chain. For more information, please visit or contact Code Dx at (631) 759-3993 or via email at [email protected].

All trademarks, trade names, service marks, and logos referenced herein belong to their respective parties.

Press Inquiries:
Karen Higgins
A&E Communications, Inc.
[email protected]