|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| Product | Organization | Type | Capability | Status |
|---|---|---|---|---|
| Architectural and Design Risk Management | Cigital, Inc. | Software Security Architecture and Design Risk Assessment and Management | CWE Output CWE Searchable | Available |
| CodeSecure Enterprise | Armorize Technologies, Inc. | Web Application Source Code Analysis Tool | CWE Output CWE Searchable | Available |
| CodeSecure Verifier | Armorize Technologies, Inc. | Web Application Source Code Analysis Suite | CWE Output CWE Searchable | Available |
| CodeSecure Workbench | Armorize Technologies, Inc. | Web Application Source Code Analysis Tool | CWE Output CWE Searchable | Available |
| CodeSonar | GrammaTech, Inc. | Static Analysis Tool | CWE Output CWE Searchable CWE Coverage | Available |
| CxSuite | Checkmarx | Static Application Security Testing/Application Security Code Review | CWE Output | Available |
| Fortify Source Code Analysis (SCA) | Fortify Software | Source Code Analysis Tool | CWE Output | Available |
| Secure Code Review with Automated Tools | Cigital, Inc. | Security Code Assessment | CWE Output CWE Searchable | Available |
| Secure programming class, CS390S | CERIAS/Purdue University | Secure Programming Class and Publicly Available Teaching Materials | CWE Output CWE Searchable | Available |
| Security-Database Web Services | Security-Database | Web Services | CWE Output CWE Searchable CWE Coverage | Available |
| SecurityReview | Veracode, Inc. | Assessment Service | CWE Output CWE Searchable CWE Coverage | Available |
| Security Training and Awareness (various courses) | Cigital, Inc. | Software Security Training and Awareness Courses | CWE Output CWE Searchable | Available |
| SofCheck Inspector for Ada | SofCheck Inc. | Static Analysis and Fault Detection Tool | CWE Searchable | Available |
| AMP | SPI Dynamics | Software Application | CWE Output CWE Searchable CWE Coverage | Planned |
| AppScan | Watchfire | Web Application Security Assessment Tool | CWE Output CWE Searchable CWE Coverage | Planned |
| AppScan Enterprise | Watchfire | Enterprise Web Application Security Assessment Tool | CWE Output CWE Searchable CWE Coverage | Planned |
| AppScan Enterprise OnDemand | Watchfire | Web Application Security Assessment Service | CWE Output CWE Searchable CWE Coverage | Planned |
| DevInspect | SPI Dynamics | Software Application | CWE Output CWE Searchable CWE Coverage | Planned |
| Klocwork Enterprise Development Suite | Klocwork, Inc. | Assessment and Remediation Tool | CWE Output CWE Searchable CWE Coverage | Planned |
| Ounce | Ounce Labs | Static Source Code Analysis Tool | CWE Output CWE Searchable CWE Coverage | Planned |
| QAInspect | SPI Dynamics | Software Application | CWE Output CWE Searchable CWE Coverage | Planned |
| Secure Application Development Training Courses | SkillBridge, LLC | Instructor Led Training | CWE Output CWE Searchable CWE Coverage | Planned |
| Secure Programming Exams/Assessments | SANS Institute | Professional Secure Programming Examination | CWE Output CWE Searchable CWE Coverage | Planned |
| WebInspect | SPI Dynamics | Software Application | CWE Output CWE Searchable CWE Coverage | Planned |
| WebInspect Direct | SPI Dynamics | Software Application | CWE Output CWE Searchable CWE Coverage | Planned |
|
|
|||