Static Code Analysis

We provide the following services for static code analysis solutions such as Checkmarx, Veracode, Fortify and Coverity:

  • Integrating the code scan into any CI/CD build process and exporting the results to almost any dashboard or reporting platform.
  • Evaluating scan results to separate true positives from false positives.
  • Prioritising the detected vulnerabilities based on their risk and likelihood of exploitation, and building a remediation plan.
  • Customising queries to remove false positives from future scans and to detect custom scenarios to suit your needs (available for Checkmarx only).

As a service to the community, below you can find explanations of a number of vulnerabilities detected by Checkmarx. Please feel free to ask any Checkmarx-related question in the bottom section of this page and I will do my best to answer it and post the answer on this page.

Have a Checkmarx-related question? Write to me and I'll do my best to answer it.