- Programming Languages supported: C/ C++, Java
- CI/CD integration with Jenkins
- IDE integration with VSCode
- Source code control: GitHub, GitLab & Gerrit
- – Xcalibyte’s proprietary ruleset to identify many known serious vulnerabilities
- – SEI CERT C
- – SEI CERT C++
- – SEI CERT JAVA
- Support for:
- – OWASP TOP 10
- – CWE
- – CVE
- On-premise deployment
- Chinese and English interfaces
WHAT ARE THE MAIN BENEFITS OF XCALSCAN?
IN-DEPTH COMPILER LEVEL TECHNOLOGY
Errors can affect many parts of your code, in ways that are not immediately obvious. Xcalscan goes beyond ordinary code pattern analysis working not only at the Abstract Syntax Tree (AST) level but also analyzing at the Intermediate Representation (IR) level, to provide more accurate defect detection and to generate comprehensive reports that highlight all errors. Xcalscan’s analysis methods include data flow analysis, control flow analysis, context sensitive analysis, object sensitive analysis, cross procedure analysis and cross file analysis. Xcalscan also provides cross language analysis support.
ACCURACY & SPEED
Xcalscan reduces the number of false positives so you’ll know if an error is really a true error or not, in other words, a definite error. With high level scanning accuracy, Xcalscan reduces the time you would spend manually identifying false positives and lets you spend time chasing actual problems. With Xcalscan, your scans will be typically measured in minutes rather than hours, reducing wait times and increasing your productivity.
SUPERIOR USER EXPERIENCE
Knowing which bugs to fix first is crucial. Xcalscan helps you prioritize for remediation based on the level of severity. The most critical bugs can be highlighted for immediate attention. Xcalscan gives you a holistic understanding of how a single defect can impact other parts of your software. By presenting trace paths for data flows as visual graphs, you can view different functions, upstream or downstream. Best of all, Xcalscan provides help to remediate bugs. Our intuitive web-based interface allows you to easily access features to scan code, report on defects and assign tasks.