Secure your applications from the start

Cyberspect is an application security analyzer. Tightly integrated with Visual Studio, Cyberspect inspects code with every build and provides immediate feedback — so that every developer on your team can secure their code from the outset.

Learn More
Cyberspect Visual Studio integration

Tightly integrated with Visual Studio

Easy to install and start using with no configuration or additional hardware required. Cyberspect works with you to point out potential security concerns while you develop, and makes it easy to see the origin of any vulnerabilities found.

Cyberspect works with all editions of Microsoft Visual Studio starting with version 2010 (except Express), and .NET Framework 2.0 or greater.

Visual Studio integration

Robust cyber security rule set

Cyberspect uses a comprehensive set of inspection rules to quickly identify many types of security weaknesses. This growing list is updated to keep up with the latest cyber threats.

  • Use of older and less secure .NET framework features
  • Use of hard-coded credentials, passwords, and keys
  • Use of insecure encryption algorithms and options
  • Use of referenced third-party libraries with known security vulnerabilities
  • Insecure .NET configuration settings
  • Potential injection errors: SQL, LDAP, XPATH, OS commands
  • Cross-site scripting and request forgery (XSS/CSRF)
  • Improper or insufficient use of TLS/SSL
  • Regulatory compliance including HIPAA/HITECH, PCI DSS, NIST SP800-53, etc.
Cyberspect rule configuration

Like having a security expert working alongside your developers

Cyberspect provides regularly updated guidance on each discovered vulnerability, with industry classification, detailed remediation advice, and references for further research. It also provides functions for generating distributable interactive reports that provide context towards compliance with various industry standards and government regulations.

OWASP Top 10 Report

Improved vulnerability resolution workflow

Cyberspect tracks when new vulnerabilities are introduced as well as changes made to remediate these vulnerabilites, with very little performance overhead. It is designed to minimize the impact to your normal development workflow, and allows developers to suppress findings with an exception reason that is documented for audit purposes.

Adding a finding exception

Product Screenshots

Why Application Security?

  • Hardware is easy to protect: lock it in a room, chain it to a desk, or buy a spare. Information poses more of a problem. It can exist in more than one place; be transported halfway across the planet in seconds; and be stolen without your knowledge.

    Bruce Schneier

  • Over 70% of security vulnerabilities exist at the application layer, not the network layer.

    Gartner

  • If you spend more on coffee than on IT security, you will be hacked. What’s more, you deserve to be hacked.

    Richard Clarke

  • In 2015, 82% of 795 confirmed data breaches for organizations in the finance sector were the result of web application attacks.

    2015 Verizon Data Breach Investigations Report