OUR Products

xcalibyte
Next Generation
Vulnerability
Scanning Tool

on-premise

ON PREMISE

installed

INSTALLED & OPERATED BY THE SYSTEM ADMIN

in the client’s data center- for full confidentiality and security of
customers’ source code and data.

SUPPORTED LANGUAGES

XCALIBYTE ALGORITHM USES
ADVANCED TECHNIQUES FOR:

  • Data Flow Analysis
  • Control Flow Analysis
  • Context Sensitive Analysis
  • Object Sensitive Analysis
  • Cross Procedure Analysis
  • Cross File Analysis
  • Accurate Analysis based on Target Environment

XCALIBYTE DETECTS
CRITICAL VULNERABILITIES:

  • Null Pointer Dereference
  • Use After Free
  • Double Free
  • Buffer Overflow
  • Resource leaks
  • Use of Uninitialised Variable
  • Use of Dangling Pointer
  • & many others listed in CWE, SANS, SEI CERT C/C++/Java, OWASP

KEY FEATURES OF XCALSCAN:

  • Identifies vulnerabilities in all code types – Source-Code,
    Byte-Code and Bit-Code – early in the development cycle.
  • Supports C, C++ and Java.
  • Detects major vulnerabilities listed in SEI CERT C/C++ Coding Standard
  • Integrates seamlessly into the code development process to ensure efficient testing, prioritized identification of vulnerabilities, and support through triage, and quality assurance.
  • Defect detection that spans across procedures,
    files and control flow.
  • Clearly identifies the source of the vulnerability and highlights the best place to fix the code through a graphical display to trace flow and context sensitive issues.
  • Perform a deeper analysis that can reduce false positives – meaning less time wasted in verification.
  • Provides clear analytics that can be used to manage and monitor key metrics that ensure visibility to quality and security of the software and the effectiveness and efficiency of the software development process.
  • Customized solutions for Chinese company.

MEASURABLE BENEFITS

Improves process
management capabilities
for secure coding by
integrating into the SDLC

Clear trace-view
of the source of
vulnerability enables
best-fix solution

Reduces down-time
tracking false positives

Leaves more time
for developer focus
and creativity

High quality analytics
to support performance
improvements

Reduces
development costs