Data Theorem Releases Code Secure
October 08, 2024

Data Theorem announced the launch of Code Secure, the latest evolution in application security designed to protect the software supply chain from code to deployment.

Code Secure integrates Static Application Security Testing (SAST), Software Composition Analysis (SCA), and Supply Chain Security capabilities—including Software Bill of Materials (SBOM) management—into a comprehensive product offering.

This solution offers application security teams dynamically verified insights into vulnerabilities, open-source dependencies, and the overall software composition, encompassing both first and third-party components. By automating the analysis of security issues across the entire codebase, Code Secure minimizes the manual effort involved in sifting through vast amounts of data. It empowers teams to prioritize the most critical vulnerabilities, enabling faster remediation and strengthening security earlier in the development lifecycle. This proactive approach significantly reduces the risk of breaches, while ensuring continuous compliance with industry standards, providing peace of mind as applications scale in complexity.

Code Secure's Full Stack Security analysis offers advantages by providing visibility across all layers of an application's architecture—from code, APIs, and open-source libraries to cloud environments and third-party components. By connecting these elements in a single, cohesive view, Code Secure enables security teams to not only identify vulnerabilities in isolation but to understand how they interrelate and impact the overall security posture. This full-stack visibility allows teams to address root causes more effectively, improving the accuracy of risk assessments and enhancing their ability to defend against evolving attack vectors. Ultimately, this helps organizations maintain a stronger, more resilient security posture, even as applications evolve through development, deployment, and scaling.

"Data Theorem is committed to leading the market in application and API security innovation," said Doug Dooley, COO at Data Theorem. "With Code Secure, we've built on the foundation of our Supply Chain Secure product to offer an integrated approach that helps security and DevOps teams confidently secure their software. By consolidating SAST, SCA, and SBOM management with real-time verification and attack path visualization, Code Secure delivers unparalleled protection for organizations. This new, integrated code security offering delivers significant cost savings and simplicity for customers seeking to eliminate complexity and alert fatigue often associated with their legacy SAST and SCA scanning tools."

Key Differentiators of Code Secure Include:

- Tool Consolidation: Code Secure integrates SAST, SCA, Supply Chain, and SBOM management, reducing the need for multiple, overlapping tools.

- Dynamic Verification: DAST (Dynamic Application Security Testing) verification of code findings for APIs and applications ensures more accurate identification of vulnerabilities.

- Attack Path Visualization: Code-level violations are incorporated into attack path visualizations, providing security teams with a clearer understanding of potential exploit pathways.

Code Secure is available now.

Share this

Industry News

May 27, 2025

AI-fueled attacks and hyperconnected IT environments have made threat exposure one of the most urgent cybersecurity challenges facing enterprises today. In response, Check Point® Software Technologies Ltd.(link is external) announced a definitive agreement to acquire Veriti Cybersecurity, the first fully automated, multi-vendor pre-emptive threat exposure and mitigation platform.

May 27, 2025

LambdaTest announced the launch of its Automation MCP Server, a solution designed to simplify and accelerate the process of triaging test failures.

May 27, 2025

DefectDojo announced the launch of their next-gen Security Operations Center (SOC) capabilities for DefectDojo Pro, which provides both SOC and AppSec professionals a unified platform for noise reduction and prioritization of SOC alerts and AppSec findings.

May 22, 2025

Red Hat announced enhanced features to manage Red Hat Enterprise Linux.

May 22, 2025

StackHawk has taken on $12 Million in additional funding from Sapphire and Costanoa Ventures to help security teams keep up with the pace of AI-driven development.

May 21, 2025

Red Hat announced jointly-engineered, integrated and supported images for Red Hat Enterprise Linux across Amazon Web Services (AWS), Google Cloud and Microsoft Azure.

May 21, 2025

Komodor announced the integration of the Komodor platform with Internal Developer Portals (IDPs), starting with built-in support for Backstage and Port.

May 21, 2025

Operant AI announced Woodpecker, an open-source, automated red teaming engine, that will make advanced security testing accessible to organizations of all sizes.

May 21, 2025

As part of Summer '25 Edition, Shopify is rolling out new tools and features designed specifically for developers.

May 21, 2025

Lenses.io announced the release of a suite of AI agents that can radically improve developer productivity.

May 20, 2025

Google unveiled a significant wave of advancements designed to supercharge how developers build and scale AI applications – from early-stage experimentation right through to large-scale deployment.

May 20, 2025

Red Hat announced Red Hat Advanced Developer Suite, a new addition to Red Hat OpenShift, the hybrid cloud application platform powered by Kubernetes, designed to improve developer productivity and application security with enhancements to speed the adoption of Red Hat AI technologies.

May 20, 2025

Perforce Software announced Perforce Intelligence, a blueprint to embed AI across its product lines and connect its AI with platforms and tools across the DevOps lifecycle.

May 20, 2025

CloudBees announced CloudBees Unify, a strategic leap forward in how enterprises manage software delivery at scale, shifting from offering standalone DevOps tools to delivering a comprehensive, modular solution for today’s most complex, hybrid software environments.