Secure your applications from the start
Cyberspect is an application security analyzer. Tightly integrated with Visual Studio, Cyberspect inspects code with every build and provides immediate feedback — so that every developer on your team can secure their code from the outset.
TIGHTLY INTEGRATED WITH VISUAL STUDIO
Easy to install and start using with no configuration or additional hardware required. Cyberspect works with you to point out potential security concerns while you develop, and makes it easy to see the origin of any vulnerabilities found.
Cyberspect works with all editions of Microsoft Visual Studio starting with version 2010 (except Express), and .NET Framework 2.0 or greater.
ROBUST CYBER SECURITY RULE SET
Cyberspect uses a comprehensive set of inspection rules to quickly identify many types of security weaknesses. This growing list is updated to keep up with the latest cyber threats.
- Use of older and less secure .NET framework features
- Use of hard-coded credentials, passwords, and keys
- Use of insecure encryption algorithms and options
- Use of referenced third-party libraries with known security vulnerabilities
- Insecure .NET configuration settings
- Potential injection errors: SQL, LDAP, XPATH, OS commands
- Cross-site scripting and request forgery (XSS/CSRF)
- Improper or insufficient use of TLS/SSL
- Regulatory compliance including HIPAA/HITECH, PCI DSS, NIST SP800-53, etc.
LIKE HAVING A SECURITY EXPERT WORKING ALONGSIDE YOUR DEVELOPERS
Cyberspect provides regularly updated guidance on each discovered vulnerability, with industry classification, detailed remediation advice, and references for further research. It also provides functions for generating distributable interactive reports that provide context towards compliance with various industry standards and government regulations.
IMPROVED VULNERABILITY RESOLUTION WORKFLOW
Cyberspect tracks when new vulnerabilities are introduced as well as changes made to remediate these vulnerabilites, with very little performance overhead. It is designed to minimize the impact to your normal development workflow, and allows developers to suppress findings with an exception reason that is documented for audit purposes.