Blade Vulnerability Analyzer

Target and prioritize system vulnerabilities

  • Seamless integration into Eclipse Development Environment and with five open-source vulnerability analysis tools.
  • Improved breadth and accuracy of individual off-the-shelf vulnerability analysis tools.
  • Share results at all subscribed desktops, eliminating the need to deploy all vulnerability analysis tools to each desktop.

Blade Vulnerability Analyzer (BVA) is an analysis product that provides a bottom-up, targeted view of a system’s vulnerabilities. BVA can be used stand-alone or as a plug-in to KDM’s Blade RiskManager (BRM).

As a stand-alone tool, BVA exposes all zero-day vulnerabilities as well as those which could be used to directly exploit the system. It provides a standards-based environment that integrates the outputs of multiple vulnerability analysis tools in a single uniform view of vulnerability information, with unified reporting. BVA leverages OMG Software Assurance Ecosystem standards, Software Fault Patterns (SFPs), and Common Weakness Enumerations (CWEs).

Complete Operational and System Level Visibility

When combined, BRM and BVA provide a comprehensive suite of cyber risk management and vulnerability assessment including:

  • Automated risk analysis, plus
  • Automated vulnerability detection and analysis, plus
  • Traceability
  • Measurement and prioritization that make it easy to plan how to best leverage the risk management budget and resources for greatest impact.

Composite Vulnerability Analysis & Reporting

The BVA plug-and-play environment provides a foundation for composite vulnerability analysis by normalizing, semantically integrating, and collating findings from existing vulnerability analysis tools. This improves the breadth and accuracy of individual off-the-shelf vulnerability analysis tools. It also provides developers and security analysts with a powerful vulnerability analysis and management environment for analyzing, reporting and mitigating discovered defects and vulnerabilities.

Seamless Integration

Out-off-the-box, BVA seamlessly integrates into the Eclipse Development Environment, and with five open-source vulnerability analysis tools:

  • CppCheck
  • RATS
  • Splint
  • FindBugs
  • Jlint

The BVA package includes two components: server/load build, and desktop deployments. Results from the server can be shared at all subscribed desktops. This eliminates the need to deploy all vulnerability analysis tools to every desktop.

Licensing Options Reduce Ownership Costs

KDM’s BVA is offered on a per-seat subscription basis. Our licensing model can dramatically reduce the cost of desktop license fees by up to 80%. Download our case study to find out more.