A static analysis (SAST) tool can help you quickly analyze and validate code, identifying serious vulnerabilities that may cause system failures, poor reliability, and system breaches. Lexington Soft offers CodeSonar, a testing tool that has been proven to find more static memory, resource management, concurrency, and other defects than other tools on the market.
Source Code & Binary Code Analysis
By analyzing both source code and binaries, CodeSonar lets your software development team analyze complete applications, so you can take control of your software supply chain and eliminate the most costly and hard-to-find defects early in the SDLC. It can perform a whole-program analysis on 10M+ lines of code. Once an initial baseline analysis has been performed, CodeSonar’s incremental analysis capability makes it fast to analyze daily changes to your codebase.
CodeSonar’s Integrated Binary Analysis can find security vulnerabilities from libraries or other third-party code without access to source code.
Built-in checks include buffer overrun, uninitialized variable, free non-heap variable, use after free, null-pointer dereference, and division by zero, among others. You can also customize your analysis with custom checks and metrics.
The ability to visualize quality trends and software architecture allows you to manage your testing efforts and quickly identify the source of risky information flows.
CodeSonar supports compliance with standards like MISRA C:2012, ISO 26262, DO-178B/C, US-CERT’s Build Security In, and MITRE’s CWE.
Want to know if CodeSonar will meet your needs? Lexington Soft will gladly provide a sales demo and proof of concept, conduct product evaluations and even offer you a free trial!