Product
Source Code Security Analysis Solution
Source Code Security Analysis
Code Insure
An integrated package solution that provides change impact analysis and quality management processes using application source code as the core medium
Key Features
01
Security Vulnerability Assessment
Provides rules for various domestic and foreign security standards, including 49 essential items of the Ministry of Government Administration and Home Affairs, CWE Top 25, OWASP Top 10, NIS 8 web vulnerabilities, and Electronic Financial Supervisory Service 8 security vulnerabilities
02
Application of customized rules
Easy application and management of specialized coding rules or prohibited words within the company
03
Supports automation of the security inspection process
Integrates with the configuration management system to automatically perform inspections at the time developers check in source code, and blocks the check-in if defects are detected
04
Continuous inspection through a development tool plug-in
Through an IDE plug-in, developers can identify and fix vulnerabilities in real time while writing code
05
Integrated Management Dashboard
Provides visualized charts of vulnerability detection status and compliance rates by project, team, and severity level, enabling at-a-glance monitoring of the organization’s overall security posture
06
Exception Handling and False Positive Management
Code that must be permitted due to business logic can be registered and managed as an exception through an approval process
Fully compliant with domestic and international standards
Software Security Weakness Assessment
Precisely diagnoses security vulnerabilities such as SQL injection, XSS, and buffer overflows that can be exploited for hacking, in accordance with the Ministry of the Interior and Safety guidelines and CWE/SANS standards
Verification of Coding Standards Compliance
Ensures high-quality code by verifying compliance with standard coding rules such as naming conventions, commenting practices, and complexity limits that enhance readability and maintainability
Protection of Personal and Sensitive Information
Identifies resident registration numbers, bank account numbers, passwords, and other sensitive data left in source code through pattern matching and algorithmic validation, helping mitigate the risk of violations of personal data protection laws
Support for Various Rule Sets
Provides rules for various domestic and foreign security standards, including 49 essential items of the Ministry of Government Administration and Home Affairs, CWE Top 25, OWASP Top 10, NIS 8 web vulnerabilities, and Electronic Financial Supervisory Service 8 security vulnerabilities
Strong Security, Seamless Development
Integrated Management Dashboard
Provides visualized charts of vulnerability detection status and remediation rates by project, team, and user, enabling at-a-glance monitoring of the organization’s overall security level
Embedded Security Monitoring Process
Establishes a step-by-step verification framework—from development to check-in to deployment—preventing security-compromised code from being released into the production environment
Manage your source code quality with proven technology
High-Performance Processing for Large-Scale Data
Equipped with a high-performance engine capable of rapidly analyzing large-scale source code
Achieved CC Certification
Certified under the rigorous international security standard, CC (Common Criteria), validating the product’s security and quality
Uncover every hidden risk even those buried in a single line of code without leaving a single gap
Code Insure, No.1 Source Code Analysis Solution Chosen by the Financial Industry
Finance A
- Implementation of source security vulnerability inspections, including hard-coded values and personal data detection
- Reflects pre-inspection results for modified programs through integration with configuration management
Finance B
- Implementation of an automated inspection function for the Ministry of the Interior and Safety’s mandatory SW security weakness items
- Implementation of an automatic detection function for predefined hard-coded items