Code Dx, Inc., a provider of an award-winning suite of time-saving and easy-to-use tools that help software developers, testers and security analysts find, prioritize and manage software vulnerabilities, today announced the availability of Code Dx 2.4. The new version adds support for Contrast Security’s Assess IAST (Interactive Application Security Testing) solution further improving the quality of an organization’s Application Security Testing (AST) results. Other features have been added to help users better track their progress in remediating the flaws and vulnerabilities that they have found in their applications.
Code Dx already supports more than 40 AST tools and various techniques, including Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), manual inspection, and third-party component analysis. Now, in version 2.4, through its partnership with Contrast Security, Code Dx supports IAST, which combines static and dynamic AST methods to enhance testing results by detecting vulnerabilities from within a running application.
“We have made it simple for our end users to leverage the power of Contrast Security’s Assess IAST solution. They can automatically pull results from Assess IAST on a continuous basis without downloading and then uploading scan results each time. They simply open Code Dx and the latest results are there,” said Ken Prole, CTO for Code Dx. “We also made other enhancements to Code Dx to improve the value Code Dx offers its users by adding new filters for temporal analysis of findings across scans. These filters help users better understand the results and how to optimize their AST processes.”
The new Age Filter in version 2.4 tracks how long a vulnerability has been in the queue to be resolved, helping organizations better understand bottlenecks in their processes. Code Dx not only allows users to view vulnerabilities based on age, but also enables the combination of the data with other filters, such as cross-referencing it with high-severity vulnerabilities.
Code Dx 2.4 also offers Time/Version Filters. These temporal filters help users understand how many new findings have been added since the last analysis, with the last code commit, between a certain timeframe, between two versions, or during development versus post-release.
Code Dx offers easy solutions for establishing a software assurance program within an organization, or enhancing an existing software assurance program. Stat! from Code Dx is a quick and low-cost tool to get started finding and managing quality flaws and security vulnerabilities through static code analysis. Code Dx Enterprise automates the correlation and management of flaws and vulnerabilities from more than 40 static, dynamic and interactive tools, as well as from your own manual code analysis. These solutions are available worldwide.