Code Dx 1.6 Helps Developers Find Software Vulnerabilities
Secure Decisions' Code Dx 1.6 integrates with Visual Studio, Eclipse, Git and Jenkins to help developers find software flaws.Secure Decisions, a provider of a suite of tools for software developers and security analysts, has released a new version of its Code Dx software assurance solution. The new release, Code Dx 1.6, features integration with Microsoft Visual Studio and Eclipse, as well as Git and Jenkins, enabling developers to more effectively identify, report and fix weaknesses throughout the software development lifecycle. "Code Dx helps eliminate weaknesses in software before hackers have a chance to exploit them," said Anita D'Amico, director of Secure Decisions. "Developers can simply feed their source code into Code Dx any time during the software development lifecycle, and Code Dx automatically selects and runs the appropriate open-source SAST tools for each language in the software code base. The primary focus of our development team for version 1.6 was integration. By providing seamless integration with popular development tools, Code Dx enables a more streamlined process to continually include security in the software development lifecycle." The number of U.S. data breaches reached a record high in 2014, increasing 27.5 percent from 2013, according to the Identity Theft Resource Center. Industry experts and the Department of Homeland Security (DHS) have traced most compromises to poorly written software. By leveraging Static Application Security Testing (SAST) tools, vulnerabilities can be identified during the development cycle and as part of the acquisition process.
By providing plug-ins for the Visual Studio and Eclipse integrated development environments (IDEs), Code Dx eliminates a major step for developers during the testing process, saving time. Developers can now remain in the Visual Studio or Eclipse environment to find bugs and then fix them, eliminating the need to go back and forth between the Code Dx Web interface and IDE. They can also double-click on anything in the report and see the relevant source so that an issue can be fixed right then and there.