CodeSecure announced the latest release of CodeSentry, version 5.1. This release is already deployed for SaaS production instances and ready for download for on-premises users. This release introduces live vulnerability updates, new vulnerabilities and software products, improved analysis results and new SBOM generation capabilities.
Live N-Day Updates
With the ever-evolving threat landscape, it’s critical that security tools have up-to-date vulnerability information to match scanned software against. This allows organizations to stay continuously abreast of the latest threats.
SaaS and internet-connected on-premises CodeSentry instances can easily discover new vulnerabilities and exploits affecting your scanned applications, without the need to rescan. This is available in the Vulnerability Tab, which features an enhanced search dialog that makes it easy to find out which new vulnerabilities and exploits need mitigation.
New Vulnerabilities and Software Products
Vulnerabilities are increasing every day, and to keep current with the latest vulnerabilities in open source, CodeSentry 5.1 includes over 8,400 new vulnerabilities and 3,900 new products to match against. Along with live N-day updates, this gives better vulnerability coverage of your scanned binary products.
Improved Analysis Results
In keeping with the changing security threat environment, CodeSentry now provides file-level component detail for artifacts such as self-extracting executables.
The CodeSentry user interface now displays the results of shared library dependency analysis of scanned artifacts. This information can be found on the External Dependencies tab of the scan results. Shared libraries aren’t typically included with execution artifacts, so vulnerabilities can be missed.
CodeSentry is now compatible with FIPS-enabled systems for on-premises installations, making it appropriate for use by government agencies and contractors handling sensitive data.
High-Quality SBOM Generation
Users can now set the artifact type, version, and description metadata used by CycloneDX SBOM exports to provide the highest quality SBOMs.
Scan reports are now downloadable in HTML format, and additional CSV exports have been added for detected vulnerabilities, external dependencies, security attributes, and zero-day warnings.