NORTHPORT, NY, July 16, 2012 – The Department of Homeland Security has chosen to feature Code Dx, software assurance visualization technology developed by the Secure Decisions division of Applied Visions, on its Build Security In website. The DHS National Cyber Security Division maintains the Build Security In site as a resource to software developers, with the mission of “setting a higher standard for software assurance.” Code Dx is the only technology specifically highlighted in the Technologies and Tools section of the site.
In the same week Code Dx was also featured in the Tool Integration Frameworks section of the SAMATE (Software Assurance Metrics And Tool Evaluation) website, hosted by the National Institute of Standards and Technology (NIST).
This recognition stems from a recent presentation by Secure Decisions at the June DHS Software Assurance Working Group in McLean, Virginia, where the first version of Code Dx was released for evaluation.
Code Dx, which is being developed under a Phase II Small Business Innovation Research (SBIR) program funded by DHS / Science & Technology Directorate, is a cyber security tool for correlating and visualizing the results from several open-source and commercial software assurance static analysis tools. Code Dx helps application security auditors and security analysts, who conduct quality assurance and security audits of newly-developed and legacy Java source code, to make sense of the huge amount of diagnostic data produced by those static analyzers. These analysts, as well as the software engineers developing the code, must prioritize weaknesses and diagnose source code problems that could be exploitable by cyber attackers.
The Build Security In Software Assurance Initiative (BSI) is a project of the Strategic Initiatives Branch of the National Cyber Security Division (NCSD) of the Department of Homeland Security. The software assurance and software security information available at Build Security In can help software developers, architects, and security practitioners create secure systems. Executives of software organizations, and managers of software developers and development teams, will also find benefit in the software assurance best practices, knowledge, and tools.
The NIST SAMATE project is dedicated to improving software assurance by: developing methods to enable software tool evaluations; measuring the effectiveness of tools and techniques; and identifying gaps in tools and methods. The scope of the SAMATE project is broad, ranging from operating systems to firewalls, SCADA to web applications, and source code security analyzers to correct-by-construction methods.
For information on evaluating or becoming an early adopter of the Code Dx technology, contact [email protected].
To learn more about Code Dx, visit https://secdecwp.wpengine.com/codedx.
To learn more about Build Security In, visit https://www.us-cert.gov/bsi.
To learn more about the NIST SAMATE project, visit http://samate.nist.gov/Main_Page.htm.
About Secure Decisions and Applied Visions
Secure Decisions is a division of Applied Visions, Inc. with a specific focus on cyber security research and products for the government. Today, Secure Decisions is a leader in cyber security visualization, with an established track record of R&D contracts, technology transition and product development. Secure Decisions’ products are used to enhance the situational awareness of senior officers, computer network defenders and other security professionals in government and commercial organizations. SecureScope™, VIAssist™, and MeerCAT® are among Secure Decisions’ extensive portfolio of cyber defense solutions.
Applied Visions, Inc. (AVI) provides software products, custom solutions, and advanced technology research for commercial and government customers. The company’s vision and expertise in visual software solutions for complex defense, national security, and business problems have served AVI’s customers in the Department of Homeland Security, Department of Defense, Federal Bureau of Investigation, and prominent technology and Fortune 500 firms.
All trademarks, trade names, service marks, and logos referenced herein belong to their respective parties.