Google Ads
Product News : Code Dx Version 1.6 Helps Developers to Identify Software Vulnerabilities
on 2015/2/3 12:59:49 (524 reads)
Product News

Code Dx, a provider of a robust suite of fast and affordable tools that help software developers and security analysts find, prioritize and visualize software vulnerabilities, today announced the release of version 1.6 of its innovative software assurance solution, Code Dx®. The robust software tool now offers seamless integration with Visual Studio and Eclipse, as well as Git and Jenkins, enabling developers to more efficiently and effectively identify, report and fix weaknesses throughout the software development lifecycle.

The number of U.S. data breaches reached a record high in 2014 according to the Identity Theft Resource Center, increasing 27.5 percent over breaches reported in 2013. Industry experts and the Department of Homeland Security (DHS) have traced most compromises to poorly written software. By leveraging Static Application Security Testing (SAST) tools, vulnerabilities can be identified during the development cycle and as part of the acquisition process.

"Code Dx helps eliminate weaknesses in software before hackers have a chance to exploit them. Developers can simply feed their source code into Code Dx anytime during the software development lifecycle and Code Dx automatically selects and runs the appropriate open-source SAST tools for each language in the software code base," said Anita D'Amico, Ph.D., director of Secure Decisions, the company that developed Code Dx. "The primary focus of our development team for version 1.6 was integration. By providing seamless integration with popular development tools, Code Dx enables a more streamlined process to continually include security in the software development lifecycle."

Code Dx Version 1.6 now integrates with the following four development tools:
* Visual Studio and Eclipse - Providing plugins for these two popular Integrated Development Environments (IDEs), Code Dx eliminates a major step for developers during the testing process, resulting in significant time savings and increased effectiveness. Developers can now remain in the Visual Studio or Eclipse environment to find bugs and then fix them, eliminating the need to go back and forth between the Code Dx web interface and IDE. They can also double click on anything in the report and see the relevant source so that an issue can be fixed right then and there.
* Git - Through seamless integration with Git, the most widely adopted version control system for software developers, Code Dx users now just need to configure it once and point Code Dx directly to their source code repository and Code Dx will then automatically fetch the source and run it through the scanners. This saves users from having to package up their source code each time, push it to Code Dx and scan it.
* Jenkins - Tightly integrated with this popular continuous integration server for Java environments, the Code Dx plugin can sit on the same project -- as Jenkins processes the code and finds any errors, it can then pass artifacts over to Code Dx to be scanned for vulnerabilities.

Printer Friendly Page Send this Story to a Friend Create a PDF from the article

Copyright (c) 2007-2014 Martinig & Associates | Methods & Tools Software Development Magazine | Privacy Policy
Software Development Articles | Software Development Directory | Software Development Videos
Software Development Jobs | Software Development News | Software Development Books
Software Development Blogs | Software Development Conferences