Latest Content

The global increase in connectivity and reliance on software is opening doors to exploits daily. Software quality and security are more important now than ever before.

  • A New Era of Software Forensics with Static Analysis

    Read the document
  • Enhancing Code Reviews with Static Analysis

    INTRODUCTION: Code reviews (or inspections) are an effective way to reduce defects in software projects. In fact, defect removal rate can be as high as 75%, meaning two thirds of all...

    Read Article
  • The Economics of Static Analysis Tool Usage

    INTRODUCTION: The most effective tool is one that reports a good number of true positives, without too many false negatives, without consuming too much compute...

    Read Article
  • Human Factors in Evaluating Static Analysis Tools

    INTRODUCTION: Advanced static analysis tools are popular because they have proven effective at finding serious programming defects. In contrast to traditional dynamic testing, the...

    Read Article
  • Interpreting CodeSonar for Binaries Results Part 2

    INTRODUCTION: In part one of this post, I talked about understanding the various pieces of information reported by GrammaTech CodeSonar binary analysis reports. In this second part,...

    Read Article
  • Risk Dashboard - New Feature in CodeSonar 4.5

    Ithaca, NY  -  GrammaTech, a leading provider of software assurance tools and cyber-security solutions, today announced the availability of the CodeSonar Risk Dashboard as a key...

    Read Article
  • Accelerating Automotive Software Safety with MISRA and Static Analysis

    Read the document
  • Interpreting CodeSonar for Binaries Results Part 1

    INTRODUCTION: So you’ve installed CodeSonar for Binaries, set up your hub, and managed to perform an analysis. You are now face-to-face with tons of warning reports that are encoded...

    Read Article
  • Managing Third-Party Code Security and Quality with Binary Analysis

    INTRODUCTION: According to VDC Research, 45% of embedded projects involve outsourcing product development. The use of outsourced and open source code, commercial software (COTS),...

    Read Article
  • CodeSonar Binary Analysis: Library Demonstration (6:30)

    In this demonstration GrammaTech CodeSonar binary analysis is used to analyze an external library used in a project.

    Watch Video
  • The Role of Static Analysis in a Secure Software Development Lifecycle

    INTRODUCTION: "When should static analysis be applied?" The answer to this question is fairly straightforward: "whenever code is being developed." This, however, is a simplification....

    Read Article
  • GrammaTech Named to 50 Most Promising IoT Solution Providers

    GrammaTech, a leading developer of software-assurance tools and advanced cyber-security solutions, was named to CIO Review Magazine’s list of 50 Most Promising IoT Solution Providers of...

    Read Article
  • Software Supply Chain Risk Management (1:54)

    Watch Video
  • Automated Binary Code Analysis for Software Forensics

    INTRODUCTION: In my last post, I talked about extending the term software forensics to include any investigation of software, whether to detect crime, or for example, investigate a...

    Read Article
  • Static Analysis, Railway Safety-Critical Software, and EN 50128-8

    Read the document
  • Allworx

    Read the document
  • Software Forensics: Beyond the Law

    INTRODUCTION: Traditionally, the term "forensics" is the use of science to discover evidence of criminal activity. Extending this to software broadens the use case to consider all of...

    Read Article
  • GrammaTech CodeSonar (1:29)

    CodeSonar® is a sophisticated static analysis tool for source code and binary code that detects bugs and security vulnerabilities that other static analysis tools miss.

    Watch Video
  • Reps at Sixty

    A look at the development of machine-code analysis and the difference between academic and commercial research. Recently, the Reps at Sixty workshop was held in Edinburgh, Scotland in honor of my...

    Read Article
  • Homeland Security Issues Guidance on IoT Security

    INTRODUCTION: The Department of Homeland Security (DHS) published its recent IoT security guidelines after many months of deliberation. The document codifies many of the...

    Read Article
  • VDC finds IoT fueling faster software development but with greater requirements for security protection

    INTRODUCTION: VDC’s recent report “Software Assembly Practices Necessitate More Precautions” highlights a significant software challenge for IoT device manufacturers. A majority of...

    Read Article