네이버블로그 페이스북 유튜브


Static Application Security Tool

This static application security tool, CODEMIND detects security weaknesses hidden in software source code and detects runtime errors in advance.

As a cutting-edge technology that detects all execution paths without running software, it is an essential element for securing software safety and security.

CODEMIND® is a tool that finds security weaknesses and execution errors hidden in the software source code in advance. It is a state-of-the-art static analysis technology that detects defects by examining all execution paths without running the software, so you can maximize the quality and security of your software.

Finance, Medical service Government, Military, Public service Electricity, Communication Automobiles, Trains, Aviation, Habors Software companies

Main function


  • Configuration management system such as SVN support
  • User direct upload analysis
  • Provid a web-based management system
  • Developer, administrator, and user authority Management
  • Automatic/manual analysis Control


  • Execution error detection
  • Defective code detection
  • Apply the latest summary analysis framework
  • The optimized value analysis engine
  • The highest performance memory analysis engine
  • Procedures analysis at high speed
  • High speed the use of machine learning techniques
  • Selectable for options for analysis speed and accuracy

Major rules of CODEMIND CSI
(Secure Coding Inspection)

  • SQL Injection
  • Resource Injection
  • Cross-site Script
  • OS Command Injection
  • LDAP Injection
  • Cross-site Request Forgery
  • Relative/Absolute Path Traversal
  • Integer Overflow
  • Weak Encryption
  • Hard-coded Password
  • Null Pointer Dereference
  • Data Leak between Sessions
  • Information Leak of System Data
  • Improper Resource Shutdown/Release
  • API abuse

Major rules of CODEMIND CQI
(Code Quality Inspection)

  • Buffer Overrun/Underrun
  • Use after Free
  • Unused Value
  • Unreachable Code
  • Incorrect Numeric Casting
  • Uninitialized Variable
  • Type Overrun/Underrun
  • Null Pointer Dereference
  • Memory Leak
  • Double Free
  • Divide by Zero
  • Return Pointer to Local
  • Null Check after Dereference
  • Mismatched Memory Management


Easy quality management

Proactively prepare to prevent SW defects from causing business risk

Improve code quality

Complementing the limitations of dynamic analysis by selecting only specific execution paths

Reduce development cost

Dramatically decrease the time, cost and human labor required for development and defect correction

Gain external relibility

Proactively prepare to prevent SW defects from causing business risk

We will be responsible for
software safety and security while putting
the highest priority on customer value