CxConsole - code scanning for continuous integration environments
Many organizations rely on a nightly build to do all the needed testing on the code. Typically a build manager will require that all code be checked in at the end of the day for compilation and test execution. Upon completion, the build manager and a triage team will go through the build results and log any defects found into the team's defect management system. Security testing may be included in this process, and historically it has run against the code of a built application. The risk with this approach is that multiple failed builds push security scans out of the process altogether, or that the scans return so many false positives as to make the results undesirable. CxConsole solves this problem.
Increase nightly build and test efficiency
CxConsole is a Command Line Interface (CLI) to the scan engine that
can be integrated with the normal check-in scripts and run early, before
the code build even starts. If the run fails, an email pointing to the
results of the run is sent to a predefined team.
Beyond breaking the build, distributing the run results lets
developers and managers quickly assess them and give feedback to the
developer who broke the build.
Regardless of whether a project builds, CxConsole will run an
analysis and provide accurate results that can be used immediately. The
resulting efficiency gain in the nightly build counters the tendency to
drop security from the released product and helps deliver higher quality
applications than would otherwise be possible.



