Latest Content

The global increase in connectivity and reliance on software is opening doors to exploits daily. Software quality and security is more important now than ever before.

Static Analysis for Python in CodeSonar

In a previous post we discussed the continuing popularity of C and C++ as a programming language, the surveys referenced there showed that Python is more popular each year and is now...

Read Article
Embedded World 2019 Presentation: Static Analysis for Safety and Security

Read Article
Integrating Clang Static Analyzer with CodeSonar using SARIF

We have discussed the benefits of using SARIF, an open standard for exchanging static analysis results, in a previous post. Integration between tools is simplified by using this open...

Read Article
Using Static Analysis to Detect API Usage Anomalies

Read Article
New Release of CodeSonar Focuses on Safety Critical Systems and IoT

We’re excited about the new release of CodeSonar, versions 5.1, that increases focus on safety critical systems and associated standards and supports multiple programming languages that...

Read Article
GrammaTech Releases CodeSonar® 5.1 with IoT Focus

...

Read Article
Webinar with Arm & Wind River: Automotive Safety from the Ground Up: Hardware, OS and Static Analysis

There are many different types of software systems in a car, each with different requirements around safety and security. The software that performs...

Read Article
Webinar with Arm & Wind River: Automotive Safety from the Ground Up: Hardware, OS and Static Analysis

There are many different types of software systems in a car, each with different requirements around safety and security. The software that performs...

Read Article
CodeSonar in the SWAMP

INTRODUCTION: The Software Assurance Marketplace (SWAMP) is an open tool set designed to improve quality and security started by the Department of Homeland Security Science and...

Read Article
GrammaTech Adds Real World Benchmarks to SWAMP

...

Read Article
DARPA Awards GrammaTech $8.4M for Autonomous Cyber Hardening Technology

...

Read Article
The Role of Static Application Security Tools (SAST) in DevSecOps

The term DevSecOps is a contraction of DevOps, itself a contraction of Developer Operations, and Security. It’s the in-vogue buzzword for 2018 that, despite the hype, does have positive...

Read Article
How Does the OWASP Top 10 Apply to C/C++ Development?

The Open Web Application Security Project (OWASP) is a non-profit organization focused on improving web software security. Each year they publish a top ten list of the most critical web...

Read Article
Using CodeSonar and SARIF with Microsoft Visual Studio Code

Here at GrammaTech, we get compliments on how well CodeSonar and the hub, specifically, handles warning display and the necessary information provided to track down the root cause. ...

Read Article
What Does Application Security Mean for Embedded Devices?

The term application security is a popular one in the software community. When people refer to application security, they typically talk about enterprise applications, the...

Read Article
CodeSonar’s Integration with Microsoft Visual Studio

Microsoft Visual Studio continues, at 21 years old, to be a dominant integrated development environment (IDE) for developers of C, C++, Visual Basic and C# code. It is also a popular...

Read Article
Large Scale Weapon Systems Cybersecurity Threat is a Concern and Opportunity

The Government Accounting Office (GAO) was asked to review the state of the Department of Defense (DOD) weapons systems’ cybersecurity. Unfortunately, their findings were not...

Read Article
The Best of Both Worlds: Aggregating Static Analysis Results from Best of Breed Tools

Many companies are using a mix of languages and are developing different types of software from low-level drivers and firmware, to middleware and applications with elegant user...

Read Article
OSD Awards GrammaTech $1M for Binary Architecture Recovery Research

...

Read Article
Static Analysis Results: A Format and a Protocol: SARIF & SASP

Introduction Static analysis tools are now very widely used in industry, academia, and open-source, so there is an increasing need to foster their integration with other software...

Read Article
Loading More...

Latest Content

Static Analysis for Python in CodeSonar

In a previous post we discussed the continuing popularity of C and C++ as a programming language, the surveys referenced there showed that Python is more popular each year and is now...

Embedded World 2019 Presentation: Static Analysis for Safety and Security

Integrating Clang Static Analyzer with CodeSonar using SARIF

We have discussed the benefits of using SARIF, an open standard for exchanging static analysis results, in a previous post. Integration between tools is simplified by using this open...

Using Static Analysis to Detect API Usage Anomalies

New Release of CodeSonar Focuses on Safety Critical Systems and IoT

We’re excited about the new release of CodeSonar, versions 5.1, that increases focus on safety critical systems and associated standards and supports multiple programming languages that...

GrammaTech Releases CodeSonar® 5.1 with IoT Focus

...

Webinar with Arm & Wind River: Automotive Safety from the Ground Up: Hardware, OS and Static Analysis

There are many different types of software systems in a car, each with different requirements around safety and security. The software that performs...

Webinar with Arm & Wind River: Automotive Safety from the Ground Up: Hardware, OS and Static Analysis

There are many different types of software systems in a car, each with different requirements around safety and security. The software that performs...

CodeSonar in the SWAMP

INTRODUCTION: The Software Assurance Marketplace (SWAMP) is an open tool set designed to improve quality and security started by the Department of Homeland Security Science and...

GrammaTech Adds Real World Benchmarks to SWAMP

...

DARPA Awards GrammaTech $8.4M for Autonomous Cyber Hardening Technology

...

The Role of Static Application Security Tools (SAST) in DevSecOps

The term DevSecOps is a contraction of DevOps, itself a contraction of Developer Operations, and Security. It’s the in-vogue buzzword for 2018 that, despite the hype, does have positive...

How Does the OWASP Top 10 Apply to C/C++ Development?

The Open Web Application Security Project (OWASP) is a non-profit organization focused on improving web software security. Each year they publish a top ten list of the most critical web...

Using CodeSonar and SARIF with Microsoft Visual Studio Code

Here at GrammaTech, we get compliments on how well CodeSonar and the hub, specifically, handles warning display and the necessary information provided to track down the root cause. ...

What Does Application Security Mean for Embedded Devices?

The term application security is a popular one in the software community. When people refer to application security, they typically talk about enterprise applications, the...

CodeSonar’s Integration with Microsoft Visual Studio

Microsoft Visual Studio continues, at 21 years old, to be a dominant integrated development environment (IDE) for developers of C, C++, Visual Basic and C# code. It is also a popular...

Large Scale Weapon Systems Cybersecurity Threat is a Concern and Opportunity

The Government Accounting Office (GAO) was asked to review the state of the Department of Defense (DOD) weapons systems’ cybersecurity. Unfortunately, their findings were not...

The Best of Both Worlds: Aggregating Static Analysis Results from Best of Breed Tools

Many companies are using a mix of languages and are developing different types of software from low-level drivers and firmware, to middleware and applications with elegant user...

OSD Awards GrammaTech $1M for Binary Architecture Recovery Research

...

Static Analysis Results: A Format and a Protocol: SARIF & SASP

Introduction Static analysis tools are now very widely used in industry, academia, and open-source, so there is an increasing need to foster their integration with other software...