Code Dx v1.1 Adds Capabilities for Discovering, Analyzing and Visualizing Vulnerabilities in .NET Source Code
NORTHPORT, NY, April 16, 2013– The Secure Decisions Division of Applied Visions has released a new version of its software assurance analytics tool, Code Dx Version 1.1.
Code Dx, a software assurance analytics tool that consolidates and normalizes software vulnerabilities detected by multiple static application security testing (SAST) tools, was developed under a Department of Homeland Security (DHS) Science & Technology (S&T) Directorate Small Business Innovative Research (SBIR) program. Its visual analytics help many engineering professionals – including Software Developers, Security Auditors, Compliance Officers and Quality Assurance engineers – triage and prioritize detected software vulnerabilities for efficient remediation.
This new version of Code Dx provides several significant features and upgrades that support the analysis of .NET code bases. In addition to Code Dx’s support for open source tools PMD, FindBugs, JSHint and CppCheck, Code Dx now includes support for .NET programming languages. Through the integration of freely available tools FxCop, CAT.NET and Gendarme, Code Dx now supports detailed code analysis for C# and Visual Basic.NET. The triage reports have also been enhanced within Code Dx to generate detailed PDF Assessment Reports. The new reports provide a weakness summary containing findings delineated by severity, status and the tools that identified the weaknesses, and weakness details containing code snippets and affected line of code identification.
These new features will help current and future Code Dx users by providing a greater ability to use the tool across multiple programming languages that are heavily used in development today and more comprehensive reporting – all to provide a more accurate picture of the security state of their software codebases. “We always maintain a keen awareness of our users’ software assurance needs as well as the ever changing software security landscape.” said Ken Prole, Principal Investigator for Code Dx. “These new enhancements to Code Dx help to provide broader assessment coverage of a variety of current and future codebases, and as Code Dx matures, we will continue to expand the depth and breadth of its ability to provide a more comprehensive view of our customers’ software security status.”
Code Dx embeds and automatically runs open source static application security testing tools, combines, correlates, and normalizes their results, and provides a visual interface for viewing and prioritizing those results. Its advanced filtering capability allows users to focus on the highest priority software weaknesses first, streamlining the triage and remediation of detected software vulnerabilities.
Whether an organization is implementing a new software assurance program or maintains an established and maturing program, Code Dx Standard and Enterprise editions provide great utility and benefits in both environments. Its broad software vulnerability coverage, normalization and prioritization of results, intuitive user interface, relevant reports, and affordability make it an excellent choice for all software assurance analysis environments.
Code Dx is a low cost and practical first step towards establishing a software assurance program within an organization or enhancing an existing software assurance program. Code Dx Standard Edition version 1.1 and Code Dx Enterprise Edition version 1.1 are available worldwide.
Code Dx Free 30-Day Trial:
To download a trial of the Code Dx Standard Edition, please visit:
http://codedx.com/download-free-trial or email [email protected]
To arrange for an evaluation copy of the Code Dx Enterprise Edition, please email [email protected]
To learn more about Code Dx™, visit:
To learn more about the DHS Science & Technology research and technologies to protect the homeland, visit http://www.dhs.gov/st-directorate-organization.
About Applied Visions and Secure Decisions
Secure Decisions was launched as a division of Applied Visions, Inc. (AVI) in 2000 to focus on cyber security and homeland security research and products. Today, Secure Decisions is a leader in security visualization with an established track record of R&D contracts, technology transition, and product development. Secure Decisions’ technologies are used to enhance the situational awareness of software developers and security professionals in government and commercial organizations. Code Dx®, VIAssist™, and MeerCAT® are among Secure Decisions’ extensive portfolio of cyber defense solutions. For more information, please visit www.securedecisions.com.
All trademarks, trade names, service marks, and logos referenced herein belong to their respective parties.