CI Solution Introduction
It supports the establishment of a technical environment necessary for the application of quality activities that improve code quality.
Key features: Source code inspection
Code Insure is a server program that checks SW security weaknesses, hardcoding checks, and code standards.
SW Security Weaknesses
Input data validation and representation, security features, time and state, error handling, code errors, encapsulation, API misuse
Personal information (social security number, corporate number…), ban codes, SH, site optimization
Input/management standardsaEnhance naming conventions, annotations, checks, performance, logic, prohibitions, and automation
With CI WEB, users can easily identify the location and cause of detected code defects, take action with secure guidance, and generate various reports.
“CI WEB enables source file inspection requests and result checks without the need for a separate application installation or development environment, and can be applied in various forms to implement interworking and linkage with other related systems.”
Developers can get the results of secure coding checks on the programs they are writing at any time from the development stage, enabling secure development.
“By checking the results of secure coding checks at any point during development, not only for programs managed by geometry management, but also for programs that exist only on the development server, we can detect defective code in advance.”
Apply and manage exceptions
You can manage the SecureCode checks by specifying exceptions for items you want to exclude from “false positives and detections.”
Exception requests are made on a per-program basis, and approved items are no longer detected by that program.