Code Dx 5.3 integrates with Snyk for comprehensive vulnerability management

The Code Dx team is pleased to announce the general availability (GA) of Code Dx 5.3, which notably features an integration with Snyk to help customers integrate open source and container security into their continuous development processes. As we move toward a cloud native world, we’re working to ensure that developer-first tooling, secure cloud infrastructure, container security, and open source tools are fully integrated into Code Dx 5.3. This helps our customers deliver applications at the speed of DevOps without leaving security behind.

Container security scanning

In June 2020, Gartner predicted that “by 2022, more than 75% of global organizations will be running containerized applications in production, up from less than 30% today.” Indeed, Gartner expects that up to 15% of enterprise applications will run in a container environment by 2024 (it was less than 5% in 2020). This leap forward in container adoption highlights the importance of support for container security scanning, which is included in the Code Dx 5.3 release. While many organizations have historically been slow to adopt containers due to application backlogs, technical debt, and constraints on budget and staff resources, the pandemic and an acceleration towards cloud adoption over the last year have driven many organizations to push forward with container adoption to modernize applications.

Code Dx’s tool connector with Snyk operates at scale with the latest technology stack

The product and engineering teams at Code Dx continue to improve the overall performance of the system, helping customers quickly determine which results need attention and remediation first, based on the range of security software testing tools in use in the organization. Code Dx’s machine learning training and prediction models now deliver faster performance as well, accelerating the time-to-insight for customers.

This new release of Code Dx 5.3 expands the security data provided to customers by programmatically pulling vulnerability data from the newly integrated Snyk Connector for Containers, allowing developers to continuously find and fix vulnerabilities in container images quickly and efficiently. It also connects to Snyk Open Source to manage open-source dependencies and license issues when building cloud native applications.

This overall improved performance in Code Dx 5.3, along with Snyk’s comprehensive vulnerability data, helps customers triage and remediate vulnerabilities at the speed of DevOps.

Faster, more secure delivery

Code Dx Enterprise automates the arduous workflows needed to centralize finding, analyzing and fixing security vulnerabilities across disparate security tools—all at DevOps speed. Code Dx orchestrates scan automation, automates triage, and prioritizes tracking and remediation of vulnerabilities. It does this while continuously assessing the security risks across the entire software lifecycle. Code Dx connectors like the Snyk Connector for Containers allow customers to pull open source and container vulnerability data to de-duplicate, normalize, and correlate findings from several tools and offer a single, coherent thread of prioritized issues. Schedule a demo of Code Dx 5.3 today and learn how to simplify and prioritize the results from your security tools.

Utsav Sanghani is the Director of Product Management at Code Dx.