Code Dx, Inc., today announced that Code Dx Enterprise has won the CyberSecurity Breakthrough Award for the Vulnerability Management Solutions of the Year. CyberSecurity Breakthrough Award recognizes excellence in information security and cybersecurity technology companies, products and people.read more
Code reuse (or software reuse) is defined exactly as one would expect: reusing code that already exists either within your organization or externally when developing new software.
The existing code may be reused to perform the same or very similar function. There are varying degrees of code reuse, ranging from repurposing a small section of internal code to relying on large third-party libraries and open-source frameworks.
Continuous Integration (CI) and Continuous Delivery (CD), or CI/CD, are part of the Agile approach to software development. The most prominent aspect of Agile development—and it’s most important rule—is that it requires software development to be responsive to change through an iterative process.read more
The 2018 Global Security Report from Trustwave found that all web applications are vulnerable to attack. Yes, you read that right. All applications had at least one vulnerability, and the average number of vulnerabilities found per application was eleven.read more
DevOps and DevSecOps are terms that application development and security teams have become very familiar with in the past few years, especially as internet-connected users demand constant updates and improvements to applications.read more
Everywhere you look, people are on their smartphones. These devices have become a permanent fixture in our lives. We spend more time on our smartphones than we do on our desktops, making mobile devices a bigger target for cyber attacks. To make matters worse, the vast...read more
Some predict that cybercrimes will cost $6 trillion in damages per year by 2021. In response, governments around the world have decided to fight back against cyberattacks and counter threats with a host of new cybersecurity regulations for financial services.read more
Gartner expects global enterprise security spending to increase 8% from 2017, reaching a total of $96.3 billion in 2018. Increased awareness of security threats (thanks to more high-profile breaches at companies such as Equifax) and regulatory compliance are two of...read more
Application security testing is an integral part of the development process. A proper testing methodology utilizes multiple tools (and types of tools) and incorporates application security testing into the design, development, and production phases of the application development lifecycle. But you may find yourself overwhelmed by the inundation of results from all of these testing tools.read more
Code Dx Enterprise 3.0 Now Offers Static and Dynamic Hybrid Analysis for Application Security Testing
Code Dx, Inc. today announced a significant new capability— Static & Dynamic Hybrid Analysis—to be included in Code Dx Enterprise 3.0. In addition to Hybrid Analysis, Code Dx Enterprise 3.0 supports and integrates with more than 40 commercial and open-source SAST, DAST, and IAST tools and techniques to provide total software application vulnerability correlation and management.read more
Information security breaches continue to make headlines. 2017 and early 2018 saw several major organizations such as Equifax and even the IRS fall prey to hackers who exploited security vulnerabilities.
Attacks come fast, starting within one day of Common Vulnerabilities and Exposures (CVEs) being released. Sometimes, zero days. How do you protect yourself?
The cost and time required for comprehensive application security testing often deters businesses from implementing a proper strategy for testing and remediation of vulnerabilities. Of course, that’s asking for trouble. Fortunately, the process can be streamlined, enabling you to conduct application security testing in a more efficient and timely manner.read more
Web application attacks are on the rise, with a 69% increase from Q3 2016 to Q3 2017. There has been a large increase in attacks coming from the U.S., with an increase of more than 200% in U.S.-based attacks on web applications in just one year. If you weren’t worried about security issues with your web applications before, you should be now. This article provides more details on why web application security should always be on your mind, and what you need to do to protect yourself, your business, and your users.read more
You’ve accepted the importance of application vulnerability testing to ensure the security of your software. That’s good. There are many options available when it comes to application vulnerability testing software, so it can become confusing to know which tools are the right ones to use. Different tools identify different problems when it comes to application vulnerability testing, so you need to consider using more than one.read more
New year, new security threats: The top 2017 application hacks, and what you need to look out for in 2018
2017 was no stranger to application security threats, with some of the biggest hacks, to date, taking place. In fact, during the third quarter of 2017 there were more than 230 million web application attacks on websites in the U.S. Despite these figures, a 2017 study...read more
White Box, Black Box, and Gray Box Vulnerability Testing: What’s the Difference and Why Does It Matter?
2017 saw a record number of security vulnerabilities, with more than 16,000 vulnerabilities reported by the end of Q3. That is more than in all of 2016 combined. While some organizations are addressing these application security risks quickly, others are failing to do...read more
Gartner identifies the next step in software vulnerability management: Application Vulnerability Correlation (AVC)
You’ve learned that it takes more than one application security tool to secure your code. As you add software vulnerability testing tools to examine your application from every possible angle, the number of results you have to manage grows. It’s great that you can...read more
DHS has declared October National Cybersecurity Awareness Month in an effort to—you guessed it—raise awareness about our shared responsibility in keeping cyberspace secure for everyone. I’m all for educating people about security threats and what they can do to prevent breaches, but there must come a time when awareness turns to action.read more
Your company has defined and implemented an application security management program. You have spent time and money purchasing and installing various Automated Software Testing (AST) tools and techniques to run your application through it’s paces. These AST tools generate lists of vulnerabilities. Why is it that you can’t just give these lists to your team and have them fix the items on the list?read more
You almost can’t build a web application today without making use of third-party open source code. But how do you know that code you imported into your application from GitHub is secure? If the study sponsored by our technology partner and industry leader...read more
Code Dx has added powerful new features to help you secure your mobile app.read more
Code Dx Version 2.6 Supports NIST 800-53 Compliance and Application Security Testing for Mobile Apps through NowSecure
Code Dx, Inc. today announced version 2.6 of its flagship Application Software Vulnerability Correlation and Management solution, Code Dx Enterprise.read more
Code Dx, Inc., today announced the release of version 2.5 of its software vulnerability correlation and management solutions providing increased flexibility for user customizations.read more
Is your software subject to HIPAA regulations? If so, you need a way to test for application security vulnerabilities.
Software application security vulnerabilities can create major risks for developers and development managers who must comply with HIPAA. The responsibility for protecting sensitive data extends all the way into your code. There is the obvious issue of patient...read more
Software vulnerabilities can cause major problems for developers and developing managers. More than 50% of all software breaches involve web applications; however, less than 10% of organizations…read more