Introduction

JavaScript is not currently enabled, but is required for full CodeSonar manual search and browse functionality.

If you are viewing this file in your hub's Web GUI, enable JavaScript in your browser: you will also need it for GUI functionality.

If you opened this file directly from disk, your browser may be directly suppressing JavaScript functionality: certain browsers perform this suppression on local files (but not files delivered by web servers) for security reasons.

If you access the manual through the hub's Web GUI, the functionality will not be suppressed because the hub is a web server.
Alternatively, your browser may allow you to explicitly disable the security setting that suppresses functionality. See the CodeSonar FAQ for more information.

CodeSonar^® 9.2p0

CONFIDENTIAL

CodeSecure Inc

Welcome

CodeSonar is a robust and flexible tool for locating bugs in a software project. Its combination of powerful bug finding and ease of use make it an ideal tool for developers and code inspectors.

The CodeSonar Enterprise edition has features that enable users to quickly and collaboratively assign, inspect, and resolve warnings.

The Hub	Results from the CodeSonar analysis of a project are sent to a hub, where they are stored in a database that can be accessed through the Web GUI. Multiple users can share a single hub. The hub does not need to be on the same machine as the analysis, or even the same platform. The complete analysis history for each project is available.
Web GUI	The Web GUI provides a great deal of flexibility in viewing analysis results and other information, including searching, sorting, and direct SQL interaction with the hub database. Users can use the Web GUI to browse and annotate results on the hub whether or not they have CodeSonar installed. The HTTP API Reference provides detailed information about constructing and executing HTTP queries to interact directly with the hub.
Straightforward Analysis	Building and analyzing a CodeSonar project is a straightforward process based on your normal software build procedure. No source code annotations are necessary.
Comprehensive Warnings	CodeSonar's built-in checks detect places where the rules of the language are broken, run-time exceptions may be raised, or standard libraries are misused. Users can also extend CodeSonar with custom checks.
Metrics	Metrics are computed and reported.
CWE Integration	Warnings are associated with the appropriate identifiers from the Common Weakness Enumeration. These identifiers are displayed in the Web GUI, and can be used as the basis of searches. CodeSonar is in the process of being certified CWE Compatible and CWE Effective.
Multiple Output Formats	Hub data presented in the CodeSonar GUI can be exported in a variety of formats. Depending on the data, available formats include plain text, CSV, JSON, XML, and SARIF.
Result Filtering	The Web GUI allows users to specify which warnings should be visible at any given time, through a combination of saved searches and user-controlled warning attributes.

The Hub

Results from the CodeSonar analysis of a project are sent to a hub, where they are stored in a database that can be accessed through the Web GUI.

Multiple users can share a single hub.
The hub does not need to be on the same machine as the analysis, or even the same platform.
The complete analysis history for each project is available.

Web GUI

The Web GUI provides a great deal of flexibility in viewing analysis results and other information, including searching, sorting, and direct SQL interaction with the hub database. Users can use the Web GUI to browse and annotate results on the hub whether or not they have CodeSonar installed.
The HTTP API Reference provides detailed information about constructing and executing HTTP queries to interact directly with the hub.

Straightforward Analysis

Building and analyzing a CodeSonar project is a straightforward process based on your normal software build procedure. No source code annotations are necessary.

Comprehensive Warnings

CodeSonar's built-in checks detect places where the rules of the language are broken, run-time exceptions may be raised, or standard libraries are misused.

Users can also extend CodeSonar with custom checks.

Metrics

Metrics are computed and reported.

CWE Integration

Warnings are associated with the appropriate identifiers from the Common Weakness Enumeration. These identifiers are displayed in the Web GUI, and can be used as the basis of searches. CodeSonar is in the process of being certified CWE Compatible and CWE Effective.

Multiple Output Formats

Hub data presented in the CodeSonar GUI can be exported in a variety of formats. Depending on the data, available formats include plain text, CSV, JSON, XML, and SARIF.

Result Filtering

The Web GUI allows users to specify which warnings should be visible at any given time, through a combination of saved searches and user-controlled warning attributes.

System Requirements

Support Questions? Call Us!

We hope you enjoy using this product. If you have technical questions or comments, please call us at (607) 273-7340, or visit CodeSecure support. Nontechnical inquiries can be sent to info@codesecure.com.