Application Risk and Vulnerability Lab

SDC Systems has developed the Application Risk and Vulnerability Lab around best-in-class tools for static analysis, architectural analysis, code coverage and open source software analysis. Driven by the open source Jenkins continuous integration system, it provides a simple and easy way to determine technical debt and to identify software issues before products are released.

Best In Class Components

The Application Risk and Vulnerability Lab uses best-in-class components for static analysis, architectural analysis, code coverage, and open source vulnerability and license compliance.

Klocwork Static Analysis

The Klocwork static analysis tools ship with hundreds of checkers for analysing C/C++, Java or C# source code. Using the traceback path, it is possible to identify each of the statements and variable values in the code that contribute to a particular issue. As part of the Application Risk and Vulnerability Lab, static analysis can be performed either each time code is checked into the source code management system or on a nightly or weekly basis.

Lattix Architectural Analysis

Using the Lattix architectural analysis tools as part of the Application Risk and Vulnerability Lab, the source code or UML model can be analyzed to determine whether the architecture continues to match the rules laid down by the system architect. Violations of those rules are identified immediately, preventing erosion of the architecture.

froglogic Squish Coco Code Coverage Analysis

Squish Coco, from froglogic, automates the capture and maintenance of code coverage data during testing, allowing users to quickly identify untested portions of the application and determine the resources needed to improve testing thoroughness.

Black Duck Hub Open Source Vulnerability and License Analysis

Using the Black Duck Hub to scan the projects, the Application Risk and Vulnerability Lab will look for newly introduced open source projects, packages and libraries, and will identify security vulnerabilities as they become available through the National Vulnerability Database and VulnDB. It allows you to review and prioritize vulnerabilities, assign remediation dates, and track closure. Alongside this, if there are multiple open source packages with different licenses, the Hub will identify conflicts.

