CodeV 2.0 Specifications

The CodeV validation process understands multiple vulnerability types, of which the following list presents the most relevant ones. OWASP TOP10, SANS and CERT-CC were used as the basis for relevancy determination.

SQL Injection - Incorrectly filtered escape characters

SQL Injection - Incorrect type handling

Blind SQL injection

Code Inclusion - Remote File Inclusion (RFI)

Code Inclusion - Local File Inclusion (LFI)

Reflected Cross Site Scripting

Stored Cross Site Scripting

Dangerous Functions

Deprecated Functions

Cross Site Request Forgery (CSRF)

LDAP Injection

Weak / faulty Cryptography

Uninitialized variable

Dangerous code style

Information Leak

File Path Injection

Relative Path Traversal

Variable Value propagation

Command Injection

Non Sanitized Inputs

CodeV 2.0 offers 3 types of analysis.

CONTEXT ANALYSIS

Takes into account the context of the code stream, the code flows and the existing files. In this type of analysis, CodeV knows the possible values of each variable in every code flow, across different files, classes and contexts, and uses this data to determine whether a given flow is vulnerable and consequently exploitable. It is characterized by being very deterministic, producing considerably fewer false positives.

FUNCTIONAL ANALYSIS

Oriented to functions and/or code blocks, this analysis examines each one and verifies it for security vulnerabilities. It is characterized by being faster, more prone to false positives and less susceptible to false negatives.

HYBRID ANALYSIS

The last approach that CodeV provides combines Flow Analysis and Functional Analysis, resulting in a deterministic analysis that produces not only few false positives but also few false negatives.
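
The difference between the three analysis types can be seen on a small case. The following is an added illustration, not CodeV's code or algorithm: it applies a per-call check, a value-following check and their combination to a constructed Python sample. The sink (os.system), the source (input) and all function names are assumptions chosen for the example.

```python
import ast

SINKS = {"os.system"}    # assumed dangerous sink for this sample
SOURCES = {"input"}      # assumed untrusted source for this sample

# Constructed sample program; it is only parsed, never executed.
SAMPLE = '''
import os
fmt = "date +%F"
os.system(fmt)
name = input()
cmd = "ls " + name
os.system(cmd)
os.system("uptime")
'''

def call_name(node):
    """Dotted name of a call target, e.g. 'os.system'; None if not a call."""
    return ast.unparse(node.func) if isinstance(node, ast.Call) else None

def functional_analysis(tree):
    """Per-call check: flag every sink call whose argument is not a literal."""
    return sorted(n.lineno for n in ast.walk(tree)
                  if call_name(n) in SINKS and not isinstance(n.args[0], ast.Constant))

def is_tainted(expr, tainted):
    """True if expr contains a source call or reads a tainted variable."""
    return any(call_name(n) in SOURCES or
               (isinstance(n, ast.Name) and n.id in tainted)
               for n in ast.walk(expr))

def context_analysis(tree):
    """Follow variable values statement by statement (straight-line code only)."""
    tainted, findings = set(), []
    for stmt in tree.body:
        if isinstance(stmt, ast.Assign) and isinstance(stmt.targets[0], ast.Name):
            # Re-assignment updates what is known about the variable.
            update = tainted.add if is_tainted(stmt.value, tainted) else tainted.discard
            update(stmt.targets[0].id)
        elif isinstance(stmt, ast.Expr) and call_name(stmt.value) in SINKS:
            if is_tainted(stmt.value.args[0], tainted):
                findings.append(stmt.lineno)
    return findings

def hybrid_analysis(tree):
    """Assumed combination: functional pass proposes, context pass confirms."""
    confirmed = set(context_analysis(tree))
    return [ln for ln in functional_analysis(tree) if ln in confirmed]

TREE = ast.parse(SAMPLE)
print(functional_analysis(TREE), context_analysis(TREE), hybrid_analysis(TREE))
```

The per-call check reports line 4 although fmt only ever holds a constant string, which is the kind of false positive that following the variable's values removes.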

This page provides technical information about CodeV's features.