Software Developments, Vulnerabilities and Exploits

Data, data everywhere: How to effectively manage the deluge of SAST and DAST results

Application security testing is an integral part of the development process. A proper testing methodology utilizes multiple tools (and types of tools) and incorporates application security testing into the design, development, and production phases of the application development lifecycle. But you may find yourself overwhelmed by the inundation of results from all of these testing tools.

Code Dx Enterprise 3.0 Now Offers Static and Dynamic Hybrid Analysis for Application Security Testing

Code Dx, Inc. today announced a significant new capability— Static & Dynamic Hybrid Analysis—to be included in Code Dx Enterprise 3.0. In addition to Hybrid Analysis, Code Dx Enterprise 3.0 supports and integrates with more than 40 commercial and open-source SAST, DAST, and IAST tools and techniques to provide total software application vulnerability correlation and management.

Application vulnerability testing software – tools that help secure your software

You’ve accepted the importance of application vulnerability testing to ensure the security of your software. That’s good. There are many options available when it comes to application vulnerability testing software, so it can become confusing to know which tools are the right ones to use. Different tools identify different problems when it comes to application vulnerability testing, so you need to consider using more than one.

Software Vulnerability Management: Why it’s not as easy as “find it and fix it.”

Your company has defined and implemented an application security management program. You have spent time and money purchasing and installing various Automated Software Testing (AST) tools and techniques to run your application through it’s paces. These AST tools generate lists of vulnerabilities. Why is it that you can’t just give these lists to your team and have them fix the items on the list?

Security Misconfiguration

The fifth most critical web application security risk according to the 2013 Open Web Application Security Project (OWASP) Top 10 list is Security Misconfiguration.  This is only the second time it has made the list, starting in the sixth position on the 2010 list....

Insecure Direct Object References

Insecure Direct Object References have occupied the fourth spot of the Open Web Application Security Project (OWASP) Top 10 list of the most critical web application security risks since 2007; however, these flaws didn’t even make the list when it was first created in...

Cross Site Scripting (XSS)

Number three on the 2013 Open Web Application Security Project (OWASP) Top 10 most critical web application security risks is Cross-Site Scripting (XSS), which moved down the list from the number two spot in 2010 and the top position in 2007.  It started on the...

Broken Authentication and Session Management

Managing user name and passwords has become a cumbersome task in today’s internet-driven world.  However, managing user name and passwords is a necessary evil with the rapid growth in data, advancements in mobile and cloud technologies and the increasing plethora of...

© 2018 Code Dx, Inc. (631) 759-3993 | Privacy Policy | Contact Us