Checkmarx CxAudit
CxAudit Works the Way Software Teams Do
Security risk managers have no time for tools that need babysitting. With modern agile and classic iterative processes, it’s critical not to slow things down or add unnecessary overhead to daily activities. Software security managers have historically been saddled with expensive static analysis tools that had high false positive rates and required significant consulting to integrate into the development process. Trust in the tools is low when false positive rates are high. Managers need the flexibility and configurability to visualize technical and business defects in the source code under development quickly and accurately. | Benefits • High Performance • Minimal false positives • High KLOC throughput • 32 & 64 bit operation • Multiple languages: C/C++, Java, C#, APEX CxQL Embedded Query Language • Completely extensible • Interactive Development • Rapid updates to threats |
Application Auditors and Security Risk Managers Get Control
Checkmarx CxAudit is the next generation of static security analysis tooling for .NET and J2EE environments. Employing high performance, in-memory code models and a purpose-built query language, CxAudit is the fastest, most accurate and most extensible security analysis tool and reporting product on the market. False positive rates are extremely low because the entire code path, from presentation back to root cause, is verified before it’s reported as a defect. The built in query language allows organizations to add, modify and group queries to meet their process and regulatory needs using their own people, meaning that integration and consulting expenses are low. Graphical representations of vulnerabilities permit rapid and cost-effective remediation. Integrations with Visual Studio allow audit, scanning and analysis activities to be executed from within the shell, while a complete standalone UI and CLI capabilities meet the needs of security auditors and constant integration environments.
Fast and Accurate Static Analysis
Static analysis is an automated code review mechanism that allows development teams to scan their source code for programmng errors, including those that lead to security vulnerabilities. Using analysis tools in normal manual review processes can speed things up immensely by quickly uncovering known patterns of failure and alerting developers. Checkmarx CxAudit provides all the tools you and your software team need to track down and mitigate software security problems in your code. Then CxDeveloper will help your developers perform interactive scanning for potential vulnerabilities, with the end result that security is built in to the code.
|
Try Checkmarx on Your Code - Free - For a Limited Time
Get a free source code scan of up to 10,000 lines of code. With virtually zero false-positives, this highly accurate tool is sure to surprise you if you are using other tools available in the market today. Call +1.978.694.1008, ext. 24 for details, or email. |
What to Look for When Choosing a Source Code Analysis (SCA) Solution
 |
Accurate and rapid results |
|
Virtually zero false-positives |
|
|
Valuable results for effective remediation |
|
Low overhead and trouble-free deployment |
|
|
Scanning near-compiling code |
|
Coverage of Vulnerability Types |
|
|
Configurable Queries |
|
Scalability |
|
|
Cost Effective |
|
Usability |
Technical Specifications
| System Requirements | Supported Platforms | Supported Languages |
| Windows XP, Vista, Windows Server 2003/2008 | Microsoft .NET | C/C++ |
| 2 Ghz CPU (32 or 64 bit) | J2EE | Java |
| 2 GB RAM minimum | C# | |
| 250 GB disk space | APEX | |
| Easily adaptable for other languages |
