Solution

All About Software Quality

Secure coding diagnostic tool - CODE-RAY XG

CODE-RAY XG is a static analysis tool that diagnoses security vulnerabilities within the source code in the early stages of software development.
Accurate detection technology and a low false positive rate enhance the safety of the software.

Support for various programming languages

Supports multiple development languages such as Java, Android Java, JavaScript, JSP, ASP, C/C++, Objective-C, etc.

Affinity Analysis

Intuitive display of connections between sources related to security weaknesses

Testing Engine Distribution

Testing resources can be distributed because both the developer and the security manager have their own testing engine

Exception Handling Approval Control

Detected security vulnerabilities can be processed through exception handling under the administrator's authorization

Key Features

  • Integrated Information Management

    Source code integration information available through the main dashboard
  • Source Code Version Control

    SVN-style version control system provided
  • Project Work Control

    Provides a function to analyze security weaknesses and view history within the scope of the assigned project
  • Static Analysis with Virtual Compilation

    Improves detection accuracy by analyzing security weaknesses and performing virtual compilation without building a development environment
  • User-defined Tools

    User-defined rules can be created through GUI in addition to those provided by the system

Diagnostic Items

Diagnoses security vulnerabilities in source code based on the 47 security weaknesses defined by the Ministry of Security and Public Administration and the OWASP Top 10 risks.

  • 47 security weaknesses defined by the Ministry of Security and Public Administration
  • Secure Coding Guide (Sep. 2012)
  • NIS vulnerabilities
  • Regulation on Supervision of Electronic Financial Activities
  • CWE (CWE 658 List, CWE 659 List, CWE 660 List)
  • OWASP
  • CERT C/C++, Java
  • MISRA C/C++
  • BSSC C/C++ 2000
  • HIC C++ and many others

Purchasing and Maintenance Procedures

Purchase inquiries
Consultations and demonstrations
Contract conclusion
Product acquisition
Technical support and maintenance