Static application security testing tools are notorious for presenting false positives, i.e., incorrect …
Die deutsche Pressemitteilung zum Preis finden sie hier.
Today marks a significant milestone in our company, as we just received the startup innovation award from OstWestfalenLippe GmbH. Our solution impressed the 12-person jury who stated “CodeShield has succeeded in consistently transferring results from basic research into practical application. The jury sees enormous market potential. On the one hand, because the highly innovative solution can be used by all companies that develop or use cloud software, regardless of the industry. On the other hand, because its innovation addresses one of the most pressing challenges for Germany as a business location: digital sovereignty and security. With this in mind, it is remarkable and a strong signal that the founders are operating their business model from OstWestfalenLippe.”
Proprietary in-depth cloud security analysis
Surveys show that over 80% of companies in Germany use the cloud - and the trend is rising. At the same time, the number of cyberattacks increases dramatically. Cyberattacks are reported almost daily. An additional challenge to securing cloud applications is the high speed by which applications and their infrastructure change. Based on these facts, it is almost impossible to identify all security risks and to protect yourself adequately against them. IT security is therefore a focal point for companies and strengthening digital sovereignty is a decisive factor for the innovation and competitiveness of the German economy as a whole.
This is exactly where our tool comes in. Our cloud security tool supports the secure development and operation of cloud applications of every company regardless of size and industry. Using static analysis technologies, security gaps in application code, open-source libraries, and within the cloud environment can be identified automatically. Incorrect access settings and insecure configurations as well as weak or outdated software packages can be likewise easily detected at an early development stage. The static analysis method we employ is able to analyze even complex systems without influencing their runtime performance in production. All relevant security issues can be identified without triggering too many false alarms. This is a decisive added value compared to other solutions on the market because security teams in companies are often confronted with hundreds or even thousands of warnings every day. A targeted risk assessment and a prioritization engine combined are our technology’s advantages.
Our background story
CodeShield’s technology is the result of long-term development cooperation between the Heinz Nixdorf Institute of the University of Paderborn and the Fraunhofer IEM. The dissertation of the CEO and Co-founder Dr. Johannes Späth, on which the static code analyzes are based, was awarded the renowned Software Engineering Prize of the Ernst-Denert Foundation in 2019. In 2020, CodeShield GmbH had been founded by the security experts Manuel Benz, Andreas Dann, Eric Bodden alongside Johannes Späth. The team complemented its expertise with Johannes Noll, who founded three startups, as a business developer. In 2021, the team invented an innovative cloud model that has been evaluated within companies in proof-of-concepts. The team now keeps constantly expanding the tool’s offering with new features and enhancements.
The OWL Innovation Award is intended for innovative products and services from East Westphalia. The OWL prize is an important business award with a large number of participants. At the 14th call for entries for the competition, 93 companies submitted 94 innovations, and three companies were awarded out of all top-class participants. The evaluation criteria are the degree of innovation, the customer benefit, and the added value compared to other solutions, the market potential, successful collaborations or technology, and knowledge transfer as well as the dynamics of the founding team.