Lexington Soft Partners With DefenseCode to Bridge the Gap Between Security and DevOps

Lexington Soft Pvt. Ltd., has been appointed as a best-in-class enterprise software products and software development tools, to represent DefenseCode across South East Asia.

DefenseCode offers two licensed solutions: Its flagship product, ThunderScan® is a SAST (Static Application Security Testing, WhiteBox Testing) solution for performing deep and extensive security analysis of application source code. ThunderScan® is easy to use, requires almost no user input, and can be deployed during or after development with easy integration into the DevOps environment and CI/CD pipeline. The current release provides analysis against 30 different programming languages and provides an excellent way to automate code inspection as an alternative to the demanding and time-consuming procedure of manual code reviews. Automated reporting for requirements against PCI-DSS, SANS/CWE Top 25, OWASP Top 10 or NIST.

DefenseCode WebScanner is a DAST (Dynamic Application Security Testing, BlackBox Testing) solution for comprehensive security audits of active web applications (websites). WebScanner will test a website’s security by carrying out a large number of attacks using the most advanced techniques, just as a real attacker would. DefenseCode WebScanner can be used regardless of the web application development platform. It can be used even when the application source code is no longer available. WebScanner supports major web technologies such as HTML, HTML5, Web 2.0, AJAX/jQuery, JavaScript and Flash. It is designed to execute more than 5000 Common Vulnerabilities and Exposures tests for various web server and web technology vulnerabilities. WebScanner can discover more than 60 different vulnerability types (SQL Injection, Cross Site Scripting, Path Traversal, etc.), including OWASP Top 10.

“The automation provided by DefenseCode’s security solutions ensures that the development teams in India can focus on innovation and development rather than worry about the security of the software and applications being developed and confident that Lexington Software will be an extension of DefenseCode team in supporting our growing user base within South East Asia,” said Leon Junranic DefenseCode’s founder and CTO.

“It is estimated that 90 percent of security incidents result from attackers exploiting known software vulnerabilities. With organizations pursuing Agile/DevOps methodologies, DefenseCode’s scalable and cost effective static and dynamic security testing offerings, enable software R&D organizations to easily automate security testing into the SDLC and mitigate information security threats,” said Dinesh Dulipsingh, Managing Director, Lexington Soft.