Latest Content

The global increase in connectivity and reliance on software is opening doors to exploits daily. Software quality and security is more important now than ever before.

Case Study: LACROIX Sofrel Partners with GrammaTech to Secure Water Networks

Read Article
LACROIX Sofrel Case Study | GrammaTech CodeSonar

Read the document
Using CodeSonar with FreeRTOS: An Example

The Crazyflie is a programmable drone sold by Bitcraze that was designed to be “hacked” and runs open source software for its control and operating system. In particular, this drone...

Read Article
GrammaTech Appoints Vince Arneja as Chief Product Officer

...

Read Article
Copy and Paste Errors Afflict FFmpeg

Copy and paste errors are bugs caused by misuse of local reuse of code by simple editor copy and paste commands. As we discussed in a previous post, it’s probably the most common form...

Read Article
Five Points Capital Completes Acquisition of GrammaTech

...

Read Article
Bug-Injector Research Receives IEEE SCAM 2019 Distinguished Paper

...

Read Article
GrammaTech Wins IEEE SCAM 2019 Distinguished Paper Award for Bug-Injector Research

During the International Working Conference on Source Code Analysis & Manipulation (SCAM), a GrammaTech research publication was awarded the Institute of Electrical and Electronics...

Read Article
CodeSonar Binary Code Analysis for Power Architecture

Read Article
Webinar Recording - Why Realizing Safe, Secure Software Requires Building on Strong Foundations

The challenge of designing safe and secure software systems has never been greater. The emergence of increasingly complex cyber-physical systems, such as...

Read Article
Static Analysis in Automotive SPICE

The Automotive SPICE (software process improvement and capability determination) is a software development process standard that outlines the maturity model for software development,...

Read Article
Using CodeSonar to Evaluate Software for the 2019 CWE Top 25 Most Dangerous Software Errors

The Common Weakness Enumeration (CWE) Top 25 most dangerous software errors, a.k.a., the CWE Top 25 is a list of the most common weaknesses that lead to security vulnerabilities. It is...

Read Article
1:47

Work at GrammaTech

Watch Video
Introducing MISRA C Coding Standard to an Existing Code Base

The intent of the Motor Industry Software Reliability Association (MISRA) C coding standard was to define a subset of the C language that minimizes the possibilities of errors. Although...

Read Article
GrammaTech on List of Top Ten Homeland Security Solution Providers

...

Read Article
The Role of Static Analysis in Assessing Trustworthiness of IIoT Software

In a previous post I introduced the Industrial Internet Consortium (IIC), the reference architecture and the concepts of trustworthiness used in their security framework. Since that...

Read Article
How Sound Static Analysis Complements Heuristic Analysis

Not all static analysis tools work the same, there are in fact a spectrum of tools that use a variety of techniques ranging from relatively simple syntactic analysis through very...

Read Article
How Sound Static Analysis Complements Heuristic Analysis

Not all static analysis tools work the same, there are in fact a spectrum of tools that use a variety of techniques ranging from relatively simple syntactic analysis through very...

Read Article
4:21

Life at GrammaTech

Interested in applying to GrammaTech? Here we take an inside look at our corporate culture, discuss benefits, tour the office, and offer an introduction to all things GrammaTech - take a look!

Watch Video
Tainted Data and Format String Attack Strike Again

A recent code execution vulnerability (we also call this a code injection vulnerably) was discovered in Palo Alto Networks’ GlobalProtect SSL VPN, a product that handles SSL handshakes...

Read Article
Loading More...

Latest Content

Case Study: LACROIX Sofrel Partners with GrammaTech to Secure Water Networks

LACROIX Sofrel Case Study | GrammaTech CodeSonar

Using CodeSonar with FreeRTOS: An Example

The Crazyflie is a programmable drone sold by Bitcraze that was designed to be “hacked” and runs open source software for its control and operating system. In particular, this drone...

GrammaTech Appoints Vince Arneja as Chief Product Officer

...

Copy and Paste Errors Afflict FFmpeg

Copy and paste errors are bugs caused by misuse of local reuse of code by simple editor copy and paste commands. As we discussed in a previous post, it’s probably the most common form...

Five Points Capital Completes Acquisition of GrammaTech

...

Bug-Injector Research Receives IEEE SCAM 2019 Distinguished Paper

...

GrammaTech Wins IEEE SCAM 2019 Distinguished Paper Award for Bug-Injector Research

During the International Working Conference on Source Code Analysis & Manipulation (SCAM), a GrammaTech research publication was awarded the Institute of Electrical and Electronics...

CodeSonar Binary Code Analysis for Power Architecture

Webinar Recording - Why Realizing Safe, Secure Software Requires Building on Strong Foundations

The challenge of designing safe and secure software systems has never been greater. The emergence of increasingly complex cyber-physical systems, such as...

Static Analysis in Automotive SPICE

The Automotive SPICE (software process improvement and capability determination) is a software development process standard that outlines the maturity model for software development,...

Using CodeSonar to Evaluate Software for the 2019 CWE Top 25 Most Dangerous Software Errors

The Common Weakness Enumeration (CWE) Top 25 most dangerous software errors, a.k.a., the CWE Top 25 is a list of the most common weaknesses that lead to security vulnerabilities. It is...

Work at GrammaTech

Introducing MISRA C Coding Standard to an Existing Code Base

The intent of the Motor Industry Software Reliability Association (MISRA) C coding standard was to define a subset of the C language that minimizes the possibilities of errors. Although...

GrammaTech on List of Top Ten Homeland Security Solution Providers

...

The Role of Static Analysis in Assessing Trustworthiness of IIoT Software

In a previous post I introduced the Industrial Internet Consortium (IIC), the reference architecture and the concepts of trustworthiness used in their security framework. Since that...

How Sound Static Analysis Complements Heuristic Analysis

Not all static analysis tools work the same, there are in fact a spectrum of tools that use a variety of techniques ranging from relatively simple syntactic analysis through very...

How Sound Static Analysis Complements Heuristic Analysis

Not all static analysis tools work the same, there are in fact a spectrum of tools that use a variety of techniques ranging from relatively simple syntactic analysis through very...

Life at GrammaTech

Interested in applying to GrammaTech? Here we take an inside look at our corporate culture, discuss benefits, tour the office, and offer an introduction to all things GrammaTech - take a look!

Tainted Data and Format String Attack Strike Again

A recent code execution vulnerability (we also call this a code injection vulnerably) was discovered in Palo Alto Networks’ GlobalProtect SSL VPN, a product that handles SSL handshakes...