Software Assurance

SwA-Vis

Secure Decisions’ Visual Analysis Tool visualizes and correlates weakness data from disparate code analysis tools, putting them into the proper context for effective triage and mitigation. The tool is aligned with the emerging concept of a vendor-agnostic Software Assurance ecosystem. The Visual Analysis Tool’s multi-faceted visualizations provide investigative flexibility to pinpoint high priority problem areas within the analyzed codebases. SDLC integration is automated to augment the analysis with weakness traceability as well as significantly speed-up remediation by automating issue-creation and tracking.

CWE-Vis

Common Weakness Enumeration Visualization (CWE-Vis)

CWE-Vis is a resource made available to the software assurance community to explore and learn about weaknesses in software. It provides visualizations and interactions with MITRE’s Common Weakness Enumeration (CWE), an international standard created to define a dictionary of software weaknesses. The CWE greatly facilitates the discussion and collaboration in efforts revolving around the always-present quest to improve software systems. CWE-Vis helps users familiarize themselves with the CWE through visual means. High-level CWE structures and detailed relationship graphs are displayed visually helping users gain a better and quicker understanding of the CWE. Powerful filtering and searching is made available to allow users to focus in on the details of how weaknesses can be manifested in source code and ways to avoid and fix them.