Application Security Testing (AST) has become a required part of software development. Most cyber attacks exploit vulnerabilities in the source code. Organizations looking to mitigate that risk must conduct exhaustive tests, but it is difficult to determine the best way to do that. With so many different testing tools and techniques, and so many different industry experts with different preferences, the only consensus answer to this problem is to use a combination of tools across different techniques. That creates a new problem: Turning their results into actionable information.
This part of the process is enormously time-consuming. The results are typically manually reviewed, and can take weeks to sort, prioritize, and fix. This creates a bottleneck, wasting time, money, and resources. Worse, the potential for human error to miscategorize a critical vulnerability can result in a dreaded zero-day vulnerability at launch.
Code Dx, Inc. is a company that understands these challenges, and developed the Code Dx Enterprise Application Vulnerability Manager to automate these time-consuming, resource-draining processes, so that AppSec testing can be conducted faster, with more critical vulnerabilities found and fixed. The result is software that is more secure, delivered sooner, and at a lower overall cost.
While the industry is working hard to deliver powerful AST tools, numerous enterprises trust Code Dx Enterprise because it focuses on making those tools work together to produce better, actionable results more quickly, and with less effort. With seamless integration into software development environments, it brings developers and security analysts together into an effective team. Customers see Code Dx Enterprise as a valuable multiplier for their existing investments in AST.
About the Company
Code Dx, Inc. provides application security solutions that automate and accelerate the discovery, prioritization, and management of software vulnerabilities. Focused on developing solutions that enrich the application security ecosystem with diverse utilities that automate the lengthy, expensive, and inefficient processes of AppSec testing—correlating the results of multiple tools across multiple techniques, normalizing terminology, and prioritizing the most critical issues—Code Dx remains at the forefront of the application security industry.
The flagship product of the company—Code Dx Enterprise—automates many of the labor-intensive activities needed to run AST tools, consolidate the results, and prioritize the reported vulnerabilities based on common standards. With Code Dx Enterprise, organizations achieve greater vulnerability coverage, and a better assessment of overall software security risk, in less time, and with fewer resources.
A Leader Securing Enterprises
Dr. Anita D’Amico, Founder and CEO of Code Dx has worked for more than 20 years in the cyber security domain. Dr. D’Amico is also a human factors psychologist and an expert in how security decisions are made, and takes on the user’s rather than the engineer’s perspective.
Dr. D’Amico has a long-term commitment to helping people make sense of overwhelming data. As a part of this commitment, Dr. D’Amico tackled the challenges in the application security space, beginning with a relatively modest effort: developing a tool that helps analysts best use the vast numbers of static analysis security testing tools. Each of those static code analyzers offers a different way to represent data.
Dr. D’Amico then founded Code Dx, Inc. and has grown a family of products that helps wrangle a wider array of tools across multiple techniques for application security, and added new functions, such as regulatory compliance checking, all to help organizations craft an integrated application security program in an environment that can feel paralyzingly diverse. Dr. D’Amico’s goal has always been to support businesses and security professionals as they seek to cut through the noise—and the hype—surrounding the application security process.
Being a successful security expert and having the experience of leading Code Dx to the market, Dr. D’Amico advises aspiring leaders in the security industry. She says, “Not everyone who has a mature network security program is aware of the risks presented by insecure software. Your target market will grow as software development and security communities are increasingly exposed to information about threats to software applications and the AppSec practices and tools that are available to mitigate those threats.”
Major Factors Behind the Company’s Aggressive Growth
Code Dx, is a prominent company in the security market, and is trusted by many businesses. When asked about the secret behind the company’s high pace of growth in the market, CEO Dr. D’Amico shared three factors that are responsible for their growth:
- Code Dx is filling a critical hole in the cybersecurity market, providing easy solutions to manage the software vulnerability remediation process, and help developers deliver secure code.
- The company maintains a positive working relationship with its clients, providing outstanding customer service and support.
- Code Dx, Inc. listens to its clients: new features are added to their software frequently to address growing needs in the security space, alongside new or updated regulatory compliance requirements.
Future Challenges for Code Dx
Although the security solutions company is providing top-notch tools to its clients, it expects a few challenges coming in its way. Referring to the nearest upcoming challenge, Dr. D’Amico says that as companies increase the number of tools and techniques that they combine and correlate with Code Dx Enterprise, the consolidated set of findings can grow and require additional triage by security analysts. The team at Code Dx is experimenting with machine learning as a means for automating that triage process. This type of automation will reduce the resources needed for triage, even when there is an increase in the number of potential vulnerabilities that are discovered.
