The Code Dx team recently released Code Dx 1.7, which adds many new features. Highlights include:
- Detecting the use of vulnerable third-party components
- Redesigned upload page
- Python support
- Checkmarx support
- Hide/show columns in Findings Table
- Update notifications
Detecting the use of vulnerable third-party components
Most of today’s software is developed primarily by leveraging third-party components and frameworks, and then stitching things together. In fact, Sonatype estimates that 90% of software written today is assembled from open-source components. For more information on the use of third-party components, check out our recent Government Security News (GSN) article.
These new findings will appear with the rest of the tool results within Code Dx’s unified interface.
Redesigned upload page
We’ve redesigned the New Analysis tool/source upload page to be more transparent and flexible. After you select your input files, Code Dx now shows you what content was detected and which tools will be run based on that content. You can disable a particular content type, which prevents the associated tool(s) from running, or simply disable a tool directly.
Python support
This version of Code Dx adds support for checking Python code for flaws by leveraging the Pylint static analysis tool. Give Code Dx a zip of your source code or point it to a Git repository, and you can quickly check it against 218 Python rule checkers.
Checkmarx support
With Code Dx Enterprise, Checkmarx CxSAST XML output files can now be uploaded to Code Dx and integrated with your other static analysis tools for triage, collaboration, and remediation.
Hide/show columns in Weaknesses Table
The table that lists the findings now has configurable columns, so if you are only interested in a few attributes, you can hide the rest and make room for the ones you really care about.
Update notifications
Curious about whether there’s a new release of Code Dx available? Update notifications are now shown in the header area to the left of the Code Dx logo. The color changes from yellow to red as you become more out-of-date. Hover over the update icon for a download link to our latest version.
Check it out!
The Code Dx team hopes you will find these new features useful. Don’t hesitate to contact us with your questions and comments. We appreciate all feedback and look forward to hearing from you.
If you haven’t used Code Dx yet, then download your free 30-day trial version today.