The Department of Homeland Security has chosen to feature Code Dx, software assurance visualization technology developed by the Secure Decisions division of Applied Visions, on its Build Security In website.
NORTHPORT, NY, August 05, 2012 /24-7PressRelease/ -- The Department of Homeland Security has chosen to feature Code Dx, software assurance visualization technology developed by the Secure Decisions division of Applied Visions, on its Build Security In website. The DHS National Cyber Security Division maintains the Build Security In site as a resource to software developers, with the mission of "setting a higher standard for software assurance." Code Dx is the only technology specifically highlighted in the Technologies and Tools section of the site.
In the same week Code Dx was also featured in the Tool Integration Frameworks section of the SAMATE (Software Assurance Metrics And Tool Evaluation) website, hosted by the National Institute of Standards and Technology (NIST).
This recognition stems from a recent presentation by Secure Decisions at the June DHS Software Assurance Working Group in McLean, Virginia, where the first version of Code Dx was released for evaluation.
Code Dx, which is being developed under a Phase II Small Business Innovation Research (SBIR) program funded by DHS / Science & Technology Directorate, is a cyber security tool for correlating and visualizing the results from several open-source and commercial software assurance static analysis tools. Code Dx helps application security auditors and security analysts, who conduct quality assurance and security audits of newly-developed and legacy Java source code, to make sense of the huge amount of diagnostic data produced by those static analyzers. These analysts, as well as the software engineers developing the code, must prioritize weaknesses and diagnose source code problems that could be exploitable by cyber attackers.
The Build Security In Software Assurance Initiative (BSI) is a project of the Strategic Initiatives Branch of the National Cyber Security Division (NCSD) of the Department of Homeland Security. The software assurance and software security information available at Build Security In can help software developers, architects, and security practitioners create secure systems. Executives of software organizations, and managers of software developers and development teams, will also find benefit in the software assurance best practices, knowledge, and tools.
The NIST SAMATE project is dedicated to improving software assurance by: developing methods to enable software tool evaluations; measuring the effectiveness of tools and techniques; and identifying gaps in tools and methods. The scope of the SAMATE project is broad, ranging from operating systems to firewalls, SCADA to web applications, and source code security analyzers to correct-by-construction methods.
