Division of Applied Visions, Inc. to develop a software assurance risk management framework for supporting static and dynamic code analysis to help secure software developed for government, industry and academia.
NORTHPORT, New York, June 7, 2013 – Secure Decisions, a division of Applied Visions and developer of visual analytic tools for software assurance and cyber security, has received a Small Business Innovative Research (SBIR) Phase I award under a US Department of Homeland Security (DHS) program. The company was selected for this software assurance contract by the DHS Science & Technology Directorate, Washington, DC. Under the contract, Secure Decisions will develop the Code Ray™ software assurance risk management framework, to correlate the results of static and dynamic software analysis tools towards the goal of improving software vulnerability detection. The Code Ray technology will complement and support Secure Decisions Code Dx™ static source code analysis and Code Pulse™ dynamic tracing technologies.
About Code Ray™
Under a 6-month Phase I software development initiative begun in May 2013, Code Ray will be developed as a software assurance risk management and visualization framework to help software developers, security analysts, and quality assurance engineers better identify and remediate software vulnerabilities within developed code bases. The tool seeks to improve the analysis speed, accuracy and confidence in detection of vulnerabilities by cross-mapping and normalizing the output of dynamic application security testing (DAST) with static application security testing (SAST) tools. Using the DAST-to-SAST merged results, Code Ray will map the correlated findings to selected industry standards, such as FISMA, HIPAA, and PCI to help consumers understand and communicate the relevance and risks of software vulnerabilities to these widely recognized compliance standards.
The addition of Code Ray to Secure Decisions software assurance product offerings, which also includes Code Dx™ and Code Pulse™, will provide a more robust software assurance tool suite solution to customers seeking to improve the security and compliance posture of their existing and future code bases.
This material is based on research sponsored by the Department of Homeland Security (DHS) Science and Technology Directorate, Cyber Security Division (DHS S&T/CSD), Small Business Innovative Research Program via contract number HSHQDC-13-C-0036. The views and conclusions contained herein are those of the authors and should not be interpreted as necessarily representing the official policies or endorsements, either expressed or implied, of the Department of Homeland Security, the Science & Technology Directorate, or the U.S. Government.
To learn more about Secure Decisions software assurance tools go to http://securedecisions.com/research-development/software-assurance/.
About Applied Visions and Secure Decisions
Applied Visions, Inc. (AVI) provides software products, custom solutions, and advanced technology research for commercial and government customers. The company’s vision and expertise in visual software solutions for complex defense, national security, and business problems have served AVI’s customers in the Department of Defense, Department of Homeland Security, Federal Bureau of Investigation, and prominent technology and Fortune 500 firms. Founded in 1987, AVI is based in Northport, NY, and has secure facilities and clearances to support classified government programs.
Secure Decisions was launched by AVI in 2000 to focus on cyber security research and products for the government. Today, Secure Decisions is a leader in security visualization, with an established track record of R&D contracts, technology transition and product development. Secure Decisions’ technologies are used to enhance the situational awareness of software developers and security professionals in government and commercial organizations. SecureScope™, VIAssist™, MeerCAT® and Code Dx™ are among Secure Decisions’ extensive portfolio of cyber defense solutions.
All trademarks, trade names, service marks, and logos referenced herein belong to their respective parties.