SOURCE: Code Dx

Code Dx

January 29, 2015 09:28 ET

Code Dx® Version 1.6 Empowers Developers to Identify Software Vulnerabilities Before Hackers Can Attack

Integration With Visual Studio, Eclipse, Git, and Jenkins Enables the Identification of Weaknesses Throughout the Software Development Lifecycle

NORTHPORT, NY--(Marketwired - Jan 29, 2015) - Code Dx, a provider of a robust suite of fast and affordable tools that help software developers and security analysts find, prioritize and visualize software vulnerabilities, today announced the release of version 1.6 of its innovative software assurance solution, Code Dx®. The robust software tool now offers seamless integration with Visual Studio and Eclipse, as well as Git and Jenkins, enabling developers to more efficiently and effectively identify, report and fix weaknesses throughout the software development lifecycle.

The number of U.S. data breaches reached a record high in 2014 according to the Identity Theft Resource Center, increasing 27.5 percent over breaches reported in 2013. Industry experts and the Department of Homeland Security (DHS) have traced most compromises to poorly written software. By leveraging Static Application Security Testing (SAST) tools, vulnerabilities can be identified during the development cycle and as part of the acquisition process.

"Code Dx helps eliminate weaknesses in software before hackers have a chance to exploit them. Developers can simply feed their source code into Code Dx anytime during the software development lifecycle and Code Dx automatically selects and runs the appropriate open-source SAST tools for each language in the software code base," said Anita D'Amico, Ph.D., director of Secure Decisions, the company that developed Code Dx. "The primary focus of our development team for version 1.6 was integration. By providing seamless integration with popular development tools, Code Dx enables a more streamlined process to continually include security in the software development lifecycle."

Code Dx Version 1.6 now integrates with the following four development tools:

  • Visual Studio and Eclipse - Providing plugins for these two popular Integrated Development Environments (IDEs), Code Dx eliminates a major step for developers during the testing process, resulting in significant time savings and increased effectiveness. Developers can now remain in the Visual Studio or Eclipse environment to find bugs and then fix them, eliminating the need to go back and forth between the Code Dx web interface and IDE. They can also double click on anything in the report and see the relevant source so that an issue can be fixed right then and there.
  • Git - Through seamless integration with Git, the most widely adopted version control system for software developers, Code Dx users now just need to configure it once and point Code Dx directly to their source code repository and Code Dx will then automatically fetch the source and run it through the scanners. This saves users from having to package up their source code each time, push it to Code Dx and scan it.
  • Jenkins - Tightly integrated with this popular continuous integration server for Java environments, the Code Dx plugin can sit on the same project -- as Jenkins processes the code and finds any errors, it can then pass artifacts over to Code Dx to be scanned for vulnerabilities.

Availability:
Code Dx is a low cost and practical first step towards establishing a software assurance program within an organization or enhancing an existing software assurance program. Code Dx Standard Edition Version 1.6 and Code Dx Enterprise Edition Version 1.6 are available worldwide. 

Code Dx Free 30-Day Trial:
To download a trial of the Code Dx Standard Edition, please visit: http://codedx.com/download-free-trial or email trial@codedx.com. To arrange for an evaluation copy of the Code Dx Enterprise Edition, please email trial@codedx.com.

About Code Dx
Code Dx was developed to provide an easy and affordable way for developers and security analysts to find vulnerabilities in software. The core technology was built by Secure Decisions and partially funded by DHS Science & Technology to help secure the software supply chain. For more information, please visit www.codedx.com or contact Code Dx at (631) 759-3993 or via Info@CodeDx.com.

Keywords: software assurance, application security testing, application security, cyber security, DHS, risk management, SAST, Code Dx, Secure Decisions, software security, static analysis, static source code analysis, open source static analysis tools, visual analytics, visualization.

All trademarks, trade names, service marks, and logos referenced herein belong to their respective parties.

Contact Information

  • Press Inquiries:
    Karen Higgins
    A&E Communications, Inc.
    610-831-5723
    Email Contact