Continuous Integration (CI) and Continuous Delivery (CD), or CI/CD, are part of the Agile approach to software development. The most prominent aspect of Agile development—and its most important rule—is that it requires software development to be responsive to change through an iterative process.
Ken Prole, CTO of Code Dx, will be speaking at LASCON on October 25 at 2-3pm about the White Hat’s Advantage: Open-source OWASP tools to aid in penetration testing coverage. The Code Dx team will also be present at booth #10.
Dr. Anita D’Amico and Chris Horn gave a well-received presentation at AppSec USA about human factors that influence secure software development. Their presentation was quoted as: “…one of the best talks I’ve seen in the last several years.”
The 2018 Global Security Report from Trustwave found that all web applications are vulnerable to attack. Yes, you read that right. All applications had at least one vulnerability, and the average number of vulnerabilities found per application was eleven.
Code Dx will be exhibiting at the STARWEST conference in Anaheim, CA, on October 3rd & 4th in Booth #10.
Code Dx will be presenting Managing Application Security at the annual Technology Day event on September 6, 2018
AFCEA Oklahoma City Chapter will be hosting the 14th Annual Technology Day at Tinker AFB on Thursday 6th of September 2018. Chris Horn is scheduled to speak on the topic of ‘Managing Application Security.’
DevOps and DevSecOps are terms that application development and security teams have become very familiar with in the past few years, especially as internet-connected users demand constant updates and improvements to applications.
Everywhere you look, people are on their smartphones. These devices have become a permanent fixture in our lives. We spend more time on our smartphones than we do on our desktops, making mobile devices a bigger target for cyber attacks. To make matters worse, the vast...
Some predict that cybercrimes will cost $6 trillion in damages per year by 2021. In response, governments around the world have decided to fight back against cyberattacks and counter threats with a host of new cybersecurity regulations for financial services.
Code Dx will be present at AppSec Europe 2018. We will be located at Britten #13. Chris Horn will be talking about the paper he wrote entitled “Measuring Application Security” at the 2018 AppSec Eu Conference in London, England.
Gartner expects global enterprise security spending to increase 8% from 2017, reaching a total of $96.3 billion in 2018. Increased awareness of security threats (thanks to more high-profile breaches at companies such as Equifax) and regulatory compliance are two of...
The Info Security Products Guide recently asked a number of industry leaders to offer their thoughts and predictions on the direction of cyber security in 2018. Our CEO Dr. Anita D’Amico was included in this esteemed group.
Application security testing is an integral part of the development process. A proper testing methodology utilizes multiple tools (and types of tools) and incorporates application security testing into the design, development, and production phases of the application development lifecycle. But you may find yourself overwhelmed by the inundation of results from all of these testing tools.
Code Dx will attend Japan’s Spring IT Week. The event runs May 9-11, located at the Tokyo Big Sight International Exhibition Center. Come visit us and see Code Dx demonstrations at Booth #5-26 in the West Hall.
Code Dx has won Best Next Generation Vulnerability Management Solution at the 2018 Annual Cyber Defense Magazine InfoSec Awards! The winners were announced online and in print during the kickoff of RSA 2018 in San Francisco, April 16th.
Code Dx Enterprise 3.0 Now Offers Static and Dynamic Hybrid Analysis for Application Security Testing
Code Dx, Inc. today announced a significant new capability—Static & Dynamic Hybrid Analysis—to be included in Code Dx Enterprise 3.0. In addition to Hybrid Analysis, Code Dx Enterprise 3.0 supports and integrates with more than 40 commercial and open-source SAST, DAST, and IAST tools and techniques to provide total software application vulnerability correlation and management.
Information security breaches continue to make headlines. 2017 and early 2018 saw several major organizations such as Equifax and even the IRS fall prey to hackers who exploited security vulnerabilities.
Attacks come fast, starting within one day of Common Vulnerabilities and Exposures (CVEs) being released. Sometimes, zero days. How do you protect yourself?
Code Dx will be at RSA with DHS S&T (Booth #1839 South), and at the Early Stage Expo (Booth #7). The conference will be held on April 16-20, 2018 at Moscone Center in San Francisco, California.
Come see the new version of the Code Dx Application Vulnerability Correlation and Management tool at the 2018 RSA Conference
Code Dx is excited to announce Code Dx Enterprise 3.0, the latest version of our Application Vulnerability Correlation and Management (AVCM) tool. The new release brings the highest level of efficiency to application security testing in the industry to date. Code Dx will be demonstrating these new features at the RSA Conference in San Francisco.
Drew Kirkpatrick, Security Researcher for Secure Decisions, a division of Applied Visions, Inc., will speak at the B-Sides Rochester Hacker Conference (B-Sides Roc) on April 14th, at 3 PM. Mr. Kirkpatrick will discuss the ways web application penetration testers can enhance their white box testing process with two open-source tools—the Attack Surface Detector, and OWASP Code Pulse, a Code Dx, Inc. open-source technology.
The cost and time required for comprehensive application security testing often deter businesses from implementing a proper strategy for testing and remediation of vulnerabilities. Of course, that’s asking for trouble. Fortunately, the process can be streamlined, enabling you to conduct application security testing in a more efficient and timely manner.
Web application attacks are on the rise, with a 69% increase from Q3 2016 to Q3 2017. There has been a large increase in attacks coming from the U.S., with an increase of more than 200% in U.S.-based attacks on web applications in just one year. If you weren’t worried about security issues with your web applications before, you should be now. This article provides more details on why web application security should always be on your mind, and what you need to do to protect yourself, your business, and your users.
You’ve accepted the importance of application vulnerability testing to ensure the security of your software. That’s good. There are many options available when it comes to application vulnerability testing software, so it can become confusing to know which tools are the right ones to use. Different tools identify different problems when it comes to application vulnerability testing, so you need to consider using more than one.
New year, new security threats: The top 2017 application hacks, and what you need to look out for in 2018
2017 was no stranger to application security threats, with some of the biggest hacks, to date, taking place. In fact, during the third quarter of 2017 there were more than 230 million web application attacks on websites in the U.S. Despite these figures, a 2017 study...
White box, black box, and gray box vulnerability testing: What’s the difference and why does it matter?
2017 saw a record number of security vulnerabilities, with more than 16,000 vulnerabilities reported by the end of Q3. That is more than in all of 2016 combined. While some organizations are addressing these application security risks quickly, others are failing to do...