OWASP Top 10 | SANS 25 | SAST Vulnerability

PRODUCTS
- Static Code Analysis
  - Back
  - Static Code Analysis
  - CxSAST
  - Supported Languages
  - Vulnerability Coverage
  - SDLC
  - Implementation
  - Compliance
- Runtime Protection
  - Back
  - Runtime Protection
  - CxRASP
  - empty
  - empty
  - empty
  - empty
- Educational Solutions
  - BACK
  - Educational Solutions
  - Game of Hacks
  - empty
  - empty
  - empty
  - empty
KNOWLEDGE
- Application Security
- Case Studies
- White Papers
- Webinars
- Videos
- Technical Documents
- FAQ
- Glossary
BLOG
PARTNERS
- Business Partners
- Technical Partners
- Become a Partner
- Partners Zone
COMPANY
- About Us
- Management
- Board of Directors
- Investors
- Events
- In the News
- Awards
- Careers
CONTACT US

TRY ME

Out-of-the-box Support For All Major Standards

Supported Vulnerabilities and Standards

CxSAST is fully capable of identifying vulnerabilities and loopholes that are officially documented or enforced by OWASP Top-10, SANS 25, PCI DSS, HIPPA, MISRA, Mitre CWE, FISMA and BSIMM. With the help of our unique open query language you can easily create your own security policy consisting of the vulnerabilities most important to your organization.

Detection Throughout The Spectrum

Sample Of Covered Software Vulnerabilities(OWASP Top 10 & more)

HIGH RISK

CGI Reflected XSS
CGI Stored XSS
Code Injection
Command Injection
Connection String Injection
LDAP Injection
Process Control
Reflected XSS
Reflected XSS All Clients
Resource Injection
SOQL SOSL Injection
SQL injection
Second Order SQL Injection
Stored XSS
UTF7 XSS
XPath Injection

MEDIUM

Acces Control
Buffer Overflow
CGI Reflected XSS All Clients
CGI Stored XSS
CGI XSS
Cookies Scoping
Cross Site History Manipulation
DB Paramater Tampering
Dangerous Functions
Data Filter Injection
DoS by Sleep
Double Free
Environment Injection
Environment Manipulation
Files Manipulation
Frame Spoofing

LOW VISIBILITY

Arithmetic Operation On Boolean
Blind SQL Injections
Client Side Only Validation
Cookie not Sent Over SSL
Dangerous File Upload
Dead Code
Deprecated And Obsolete
Deprecated CRT Functions VS2005
DoS by Unreleased Resources
Equals without GetHashCode
Escape False Warning
Files Canonicalization Problems
Hardcoded Absolute Path
Hardcoded Password
Password in Connection String
Impersonation Issue

Get Free Trial

Schedule Live Demo

Interested in trying CxSAST on your own code? You can now use Checkmarx's solution to scan uncompiled / unbuilt source code in 18 coding and scripting languages and identify the vulnerable lines of code. CxSAST will even find the best-fix locations for you and suggest the best remediation techniques. Sign up for your FREE trial now.

Checkmarx is now offering you the opportunity to see how CxSAST identifies application-layer vulnerabilities in real-time. Our in-house security experts will run the scan and demonstrate how the solution's queries can be tweaked as per your specific needs and requirements. Fill in your details and we'll schedule a FREE live demo with you.

gipoco.com is neither affiliated with the authors of this page or responsible
for its contents. This is a safe-cache copy of the original web site.

gipoco.com is neither affiliated with the authors of this page nor responsible for its contents. This is a safe-cache copy of the original web site.