CodeScan is Proactive Web Application Security

CodeScan Report

CodeScan Developer and CodeScan for Visual Studio is an important component of your existing development and testing processes. It is a tool that you and your team can use to ensure that your project is going to be secure, before you release it.

CodeScan is Proactive Web Application Security – addressing security throughout development, rather than as a reactive afterthought once vulnerabilities are exposed.

How does it work?

By Scanning at the Source Code Level. With this approach, vulnerabilities can be identified outside of a live development environment. CodeScan will automatically parse and evaluate your source code through its vulnerability detection engine.

This approach is also forward looking: where some web application scanners only evaluate vulnerabilities in user discoverable and accessible functions, CodeScan is able to detect insecure code. Should any functions be exposed to user input in future development, you can be sure that your existing code base will be ready.

What does it cover?

CodeScan Developer and CodeScan for Visual Studio has a wide range of vulnerability coverage, and its coverage is constantly being expanded by researchers from CodeScan Labs. CodeScan Developer is compatible with PHP, Classic ASP (VBScript) and ASP.NET 2.0+ (C#). Vulnerability coverage includes:

  • Authorization and Authentication
  • Command Execution
  • Cross Site Scripting
  • Encryption
  • File Access
  • General
  • SQL Injection
  • And Much More!