SOURCE: Code Dx

December 09, 2015 08:00 ET

Code Dx Version 2.0 Now Supports DAST Tools, Increasing Software Vulnerability Coverage

New Version of Software Vulnerability Management System Adds Support for Dynamic Analysis Tools, Android Mobile Application Security and JIRA Integration for Enhanced Application Security

NORTHPORT, NY--(Marketwired - Dec 9, 2015) - Code Dx, Inc., a provider of a robust suite of fast and affordable tools that help software developers, testers and security analysts find, prioritize and manage software vulnerabilities, today announced version 2.0 of its Software Vulnerability Management System. Code Dx 2.0 now offers support for results from DAST (Dynamic Application Security Testing) and Android mobile application security analyses in the Enterprise Edition, along with JIRA integration and many other enhancements in both the Standard and Enterprise Editions. The Code Dx centralized console provides users with a consolidated interface to easily and cost-effectively identify and manage vulnerabilities in their software code.

"Due to the majority of cyber breaches that are caused by weaknesses in software code, application security testing has become a necessity," said Anita D'Amico, Ph.D., CEO for Code Dx. "Since no one tool can find even the majority of the weaknesses, it is recommended to use multiple tools. Code Dx enables users to leverage the power of hybrid analysis techniques -- multiple commercial and open source SAST and DAST tools, third-party component analysis and manual code review -- and then correlates and consolidates the findings in one user interface for easy management and remediation. The addition of DAST tools support in Code Dx 2.0 is a significant enhancement that will improve code coverage for users."

The research and development for Code Dx was partially funded by the Department of Homeland Security Science & Technology (DHS S&T) Directorate. Some of the new features and functionality in Code Dx 2.0 include:

  • DAST tools support including: Acunetix, Arachni, BurpSuite, HP WebInspect, IBM AppScan, Netsparker, OWASP ZAP, and Veracode (Enterprise Edition)
  • Android mobile application security support (Enterprise Edition)
  • JIRA issue tracker integration allowing users to associate Code Dx findings with JIRA issues and assign them to the development team for remediation
  • Merging of duplicate results with customizable correlation logic
  • Incremental data upload enabling users to upload results one at a time
  • Maps results to the Common Weakness Enumeration (CWE) and eight industry standards (OWASP Top 10; CWE/SANS Top 25; CERT Java and C/C++ coding standards; Seven Pernicious Kingdoms (7PK); Web Application Security Consortium (WASC); Comprehensive, Lightweight Application Security Process (CLASP); and Software Fault Patterns (SFP))
  • Advanced search filter capabilities enable in-depth exploration of results to find vulnerability details
  • Carry-over triage settings and comments from tools, streamlining the triage process

Availability:
Code Dx is a low cost and practical first step towards establishing a software assurance program within an organization or enhancing an existing software assurance program. Code Dx Standard Edition Version 2.0 and Code Dx Enterprise Edition Version 2.0 are available worldwide.

Code Dx Free 30-Day Trial:
To download a trial of the Code Dx Standard Edition, please visit: http://codedx.com/download-free-trial or email trial@codedx.com. To arrange for an evaluation copy of the Code Dx Enterprise Edition, please email trial@codedx.com.

About Code Dx

Code Dx, Inc. is a provider of easy and affordable software vulnerability management systems that enable software developers, testers and security analysts to find and manage vulnerabilities in software. The Code Dx solutions integrate the results of multiple static and dynamic Application Security Testing (AST) tools and manual reviews into a consolidated set of results for quick and easy triage, prioritization and remediation. The core technology was partially funded by Department of Homeland Security Science & Technology (DHS S&T) to help secure the nation's software supply chain. For more information, please visit www.codedx.com or contact Code Dx at (631) 759-3993 or via email at Info@CodeDx.com.

Keywords: application security testing, application security, Code Dx, cyber security, cybersecurity, DAST, DHS, dynamic analysis, dynamic application security testing, open source static analysis tools, risk management, SAST, Secure Decisions, software assurance, software component vulnerabilities, software security, software vulnerability management, static analysis, static source code analysis, visual analytics, visualization software library, vulnerability assessment tools, vulnerabilities.

All trademarks, trade names, service marks, and logos referenced herein belong to their respective parties.

Contact Information

  • Press Inquiries:
    Karen Higgins
    A&E Communications, Inc.
    610-831-5723