It’s been an exciting month for Code Dx. We got a huge mention in an article by leading VC analyst Steve Morgan published in the Forbes February edition, we are about to receive a big award at RSA and we have received a couple more pieces of industry recognition as well.
We were delighted to see the article where Morgan mentions what the Department of Homeland Security (DHS) has been saying for quite some time: there is a dire need to increase software assurance for critical infrastructure and to secure the country’s software supply chain. The seriousness of the threat was highlighted the same day when President Barack Obama requested a $5 billion increase from the 2015 cybersecurity budget to a total of $19 billion, which further highlights the threats facing the nation’s digital infrastructure!
Our Code Dx software is a vulnerability management suite that has made a big difference because of its ability to automate the cybersecurity testing in today’s companies. Prior to about five years ago, most applications were deployed from a corporate server and all of its functions were protected by the enterprise security products already in place. That has changed now because it has gotten so much easier to put applications out from the web, and when you do that, it opens up huge vulnerabilities for organizations worldwide because there was never a need to write these applications with security built-in. Today’s hackers can now access and fool those applications into giving up confidential customer information or corporate plans that are then sold on the black market. And because programmers were never taught how to write secure code, it’s going to take time for their skill levels to come up to speed. Today, writing secure code is no longer a choice as supported by Morgan’s Forbes article citing the DHS statement that 90 percent of security incidents result from exploits against defects in software.
So, the application security marketplace, (AppSec for short,) is revving up. Today’s companies have to test the security of their apps using a wide range of tools that look at the code and at how the application interacts with other components to try to discover all of the software vulnerabilities that need to be fixed. Many companies use spreadsheets to keep track of all of these vulnerabilities and it has been an extremely tedious task. That is where Code Dx comes to the rescue though because companies can now use Code Dx as a central console to automate this function. Not only does it keep track of all of the vulnerabilities discovered by multiple tools, it deduplicates those vulnerabilities and even prioritizes which weaknesses are the scariest and need to be fixed first. It saves a lot of time and resources in securing code from attack.
And there’s more exciting news. Code Dx is being recognized at the 2016 RSA Conference, the world’s largest IT security tradeshow, with an industry award from a leading publication! Code Dx is also a finalist in the Info Security Products Guide “Startup of the Year” competition and the company was also listed fifteenth on the Cybersecurity 500 World’s Hottest Security Companies for the first quarter of 2016! Pretty exciting stuff here so just had to share it.