- Programming Languages supported: C/ C++, Java
- CI/CD integration with Jenkins
- IDE integration with VSCode
- Source code control: GitHub, GitLab & Gerrit
- – Xcalibyte’s proprietary ruleset to identify many known serious vulnerabilities
- – SEI CERT C
- – SEI CERT C++
- – SEI CERT JAVA
- Support for:
- – OWASP TOP 10
- – CWE
- – CVE
- On-premise deployment
- Chinese and English interfaces
WHAT ARE THE MAIN BENEFITS OF XCALSCAN?
IN-DEPTH COMPILER OPTIMIZATION TECHNOLOGY
Errors can affect many parts of your code, in ways that are not immediately obvious. Xcalscan goes beyond ordinary code pattern analysis working not only at the Abstract Syntax Tree (AST) level but also analyzing at the Intermediate Representation (IR) level, to provide more accurate defect detection and to generate comprehensive reports that highlight all errors. By analyzing code further down the compiler process, we are able to identify defects that would only have otherwise be seen during runtime.
FIND HARD-TO-FIND BUGS
There are many defects that are hard to trace such as Null Pointer Dereference and Missing Free. These are frequently missed in code reviews and only manifest themselves during runtime. Some can occur from race conditions or simple programming omissions. Flow analysis is required to identify them. Xcalscan’s analysis methods include data flow analysis, control flow analysis, context sensitive analysis, object sensitive analysis, cross procedure analysis and cross file analysis. Xcalscan also provides cross language analysis support.
CODE, SECURITY AND DATA PRIVACY COMPLIANCE
Violations of coding conventions, data privacy and security policies often occur due to poor oversight or a rush to get the application go live. Poor quality code can result from not adhering to best practice programming guidelines, for example, failure to apply encryption, lack of secure authentication and many other reasons. Xcalscan can help developers comply with internal organizational rules, worldwide coding practices and government legislation. Xcalscan can give you peace of mind when developing software.