Code Dx v1.2 adds capabilities for discovering, analyzing and visualizing software vulnerabilities from open source and commercial static application security testing tools.
NORTHPORT, NY June 27, 2014– The Secure Decisions Division of Applied Visions, Inc. has released a new version of its software assurance analytics tool, Code Dx Version 1.2.
Code Dx, a software assurance analytics tool that consolidates and normalizes software vulnerabilities detected by multiple static application security testing (SAST) tools, was developed under a Department of Homeland Security (DHS) Science & Technology (S&T) Directorate Small Business Innovative Research (SBIR) program. Its visual analytics help engineering professionals – including Software Developers, Security Auditors, Compliance Officers and Quality Assurance engineers – triage and prioritize detected software vulnerabilities for effective remediation.
The new Enterprise Edition of Code Dx has added support for a cadre of commercial static application security testing (SAST) tools including IBM AppScan, GrammaTech’s CodeSonar and Parasoft’s JTest, C/C++Test, and dotTest as well as open-source tools Checkstyle, Google error-prone, and OCLint. These add significant capabilities beyond Code Dx’s existing support for the commercial tools HP Fortify 360 and Armorize Code Secure, and the open-source tools CAT.NET, CppCheck, FindBugs, FxCop, Gendarme, lint, JSHint and PMD. These new features will help current and future Code Dx usersto gain a more accurate picture of the security state of their software codebases. “The use of multiple static application security testing tools is key to establishing and enriching a company’s software assurance program.” said Ken Prole, Principal Investigator for Code Dx. “With the added support for powerful commercial and open source SAST tools, Code Dx is quickly becoming an integral part of any software company’s SwA tool chest.”
Code Dx embeds and automatically runs open source static application security testing tools, combines, correlates, and normalizes their results along with the results from commercial tools, and provides a visual interface for viewing and prioritizing those results. Its advanced filtering capability allows users to focus on the highest priority software weaknesses first, streamlining the triage and remediation of detected software vulnerabilities.
Whether an organization is implementing a new software assurance program or maintains an established and maturing program, Code Dx Standard and Enterprise editions provide great utility and benefits in both environments. Its broad software vulnerability coverage, normalization and prioritization of results, intuitive user interface, relevant summary and detailed reports, and affordability make it an excellent choice for all software assurance analysis environments.
Code Dx is a low cost and practical first step towards establishing a software assurance program within an organization or enhancing an existing software assurance program. Code Dx Standard Edition version 1.2 and Code Dx Enterprise Edition version 1.2 are available worldwide.
Code Dx Free 30-Day Trial:
To download a trial of the Code Dx Standard Edition, please visit:
http://codedx.com/download-free-trial or email [email protected]
To arrange for an evaluation copy of the Code Dx Enterprise Edition, please email [email protected]
To learn more about Code Dx™, visit:
To learn more about the DHS Science & Technology research and technologies to protect the homeland, visit http://www.dhs.gov/st-directorate-organization.
About Applied Visions and Secure Decisions
Secure Decisions was launched as a division of Applied Visions, Inc. (AVI) in 2000 to focus on cyber security and homeland security research and products. Today, Secure Decisions is a leader in security visualization with an established track record of R&D contracts, technology transition, and product development. Secure Decisions’ technologies are used to enhance the situational awareness of software developers and security professionals in government and commercial organizations. Code Dx®, VIAssist™, and MeerCAT® are among Secure Decisions’ extensive portfolio of cyber defense solutions. For more information, please visit www.securedecisions.com.
All trademarks, trade names, service marks, and logos referenced herein belong to their respective parties.