Static Application Security Tool


This static application security tool, CODEMIND detects security weaknesses hidden in software source code and detects runtime errors in advance.

As a cutting-edge technology that detects all execution paths without running software, it is an essential element for securing software safety and security.



  • Configuration management system such as SVN support
  • User direct upload analysis
  • Provid a web-based management system
  • Developer, administrator, and user authority Management
  • Automatic/manual analysis Control


  • Execution error detection
  • Defective code detection
  • Apply the latest summary analysis framework
  • The optimized value analysis engine
  • The highest performance memory analysis engine
  • Procedures analysis at high speed
  • High speed the use of machine learning techniques
  • Selectable for options for analysis speed and accuracy
Major rules of CODEMIND CSI
(Secure Coding Inspection)
  • SQL Injection
  • Resource Injection
  • Cross-site Script
  • OS Command Injection
  • LDAP Injection
  • Cross-site Request Forgery
  • Relative/Absolute Path Traversal
  • Integer Overflow
  • Weak Encryption
  • Hard-coded Password
  • Null Pointer Dereference
  • Data Leak between Sessions
  • Information Leak of System Data
  • Improper Resource Shutdown/Release
  • API abuse
Major rules of CODEMIND CQI
(Code Quality Inspection)
  • Buffer Overrun/Underrun
  • Use after Free
  • Unused Value
  • Unreachable Code
  • Incorrect Numeric Casting
  • Uninitialized Variable
  • Type Overrun/Underrun
  • Null Pointer Dereference
  • Memory Leak
  • Double Free
  • Divide by Zero
  • Return Pointer to Local
  • Null Check after Dereference
  • Mismatched Memory Management


  • Proactively prepare to prevent SW defects from causing business risk

  • Secure security and safety by preventing possible SW hacking and malfunction

  • Complementing the limitations of dynamic analysis by selecting only specific execution paths

  • Dramatically decrease the time, cost and human labor required for development and defect correction