NORTHPORT, NY, May 12, 2014 – SecureDecisions, the cyber security division of Applied Visions, Inc., today announced the release of Code Pulse™ v1.0, an open source and free software assurance analytics tool that provides insight into the real-time code coverage of black box software testing activities. Code Pulse listens in behind the scenes while users perform their manual or automated testing and identifies code coverage in real-time as the tests are being performed. It visually provides an understanding of coverage overlaps and boundaries of multiple different dynamic application security testing (DAST) and penetration testing tools.
Code Pulse presents test coverage information in an easy-to-understand visual form that helps testers determine which parts and how much of an application has been covered. This real-time coverage feedback makes it easy to adjust testing activity based on the observed code coverage. “Complete code coverage analysis of the attack surface is incredibly important especially when testing critical software and systems” said Hassan Radwan, Principal Investigator for the Code Pulse program. “Code Pulse represents a real break-through in support for real-time code coverage analysis testing and in helping testers see at-a-glance their results in a clear and unambiguous way. “
Code Pulse’s rich feature set provides benefits that help application security and penetration testers to:
- Understand where the gaps in test coverage are – Code Pulse shows you exactly what methods were called, and clearly identifies coverage gaps.
- Compare coverage across testing tools – use Code Pulse to monitor and compare test coverage from multiple automated penetration testing tools.
- Communicate testing activity effectively – Code Pulse can export coverage activity and easily share these results with others.
- Fine-tune penetration testing tools by identifying scan deficiencies.
Kevin Greene, DHS’s Software Assurance Program Manager, said “Code Pulse is an investment and commitment by DHS S&T to help reduce the considerable risk in today’s software systems. Penetration testers and other applications security testers can use Code Pulse to see the amount of code covered in their vulnerability analyses.“
Code Pulse is freely available from Secure Decisions, and is also an open source OWASP project at http://www.code-pulse.com. Your new ideas and contributions to the Code Pulse open source development project are what will help to make Code Pulse a premier software assurance and penetration testing tool.
To learn more about Code Pulse™, visit:
To learn more about the DHS Science & Technology research and technologies to protect the homeland, visit http://www.dhs.gov/st-directorate-organization.
About Applied Visions and Secure Decisions
Secure Decisions was launched as a division of Applied Visions, Inc. (AVI) in 2000 to focus on cyber security and homeland security research and products. Today, Secure Decisions is a leader in security visualization with an established track record of R&D contracts, technology transition, and product development. Secure Decisions’ technologies are used to enhance the situational awareness of software developers and security professionals in government and commercial organizations. Code Dx, Code Pulse™, VIAssist™, and MeerCAT® are among Secure Decisions’ extensive portfolio of cyber defense solutions. For more information, please visit www.securedecisions.com.
The views and conclusions contained herein are those of the authors and should not be interpreted as necessarily representing the official policies or endorsements, either expressed or implied, of Department of Homeland Security, Air Force Research Laboratory or the U.S. Government. All trademarks, trade names, service marks, and logos referenced herein belong to their respective parties.