BLOG

  • Webinar with Arm & Wind River: Automotive Safety from the Ground Up: Hardware, OS and Static Analysis

    Webinar with Arm & Wind River: Automotive Safety from the Ground Up: Hardware, OS and Static Analysis

      There are many different types of software systems in a car, each with different requirements around safety and security. The software that performs...

    Read Article
  • Webinar with Arm & Wind River: Automotive Safety from the Ground Up: Hardware, OS and Static Analysis

    Webinar with Arm & Wind River: Automotive Safety from the Ground Up: Hardware, OS and Static Analysis

      There are many different types of software systems in a car, each with different requirements around safety and security. The software that performs...

    Read Article
  • CodeSonar in the SWAMP

    CodeSonar in the SWAMP

    INTRODUCTION: The Software Assurance Marketplace (SWAMP) is an open tool set designed to improve quality and security started by the Department of Homeland Security Science and...

    Read Article
  • The Role of Static Application Security Tools (SAST) in DevSecOps

    The Role of Static Application Security Tools (SAST) in DevSecOps

    The term DevSecOps is a contraction of DevOps, itself a contraction of Developer Operations, and Security. It’s the in-vogue buzzword for 2018 that, despite the hype, does have positive...

    Read Article
  • How Does the OWASP Top 10 Apply to C/C++ Development?

    How Does the OWASP Top 10 Apply to C/C++ Development?

    The Open Web Application Security Project (OWASP) is a non-profit organization focused on improving web software security. Each year they publish a top ten list of the most critical web...

    Read Article
  • Using CodeSonar and SARIF with Microsoft Visual Studio Code

    Using CodeSonar and SARIF with Microsoft Visual Studio Code

    Here at GrammaTech, we get compliments on how well CodeSonar and the hub, specifically, handles warning display and the necessary information provided to track down the root cause. ...

    Read Article
  • What Does Application Security Mean for Embedded Devices?

    What Does Application Security Mean for Embedded Devices?

      The term application security is a popular one in the software community. When people refer to application security, they typically talk about enterprise applications, the...

    Read Article
  • CodeSonar’s Integration with Microsoft Visual Studio

    CodeSonar’s Integration with Microsoft Visual Studio

    Microsoft Visual Studio continues, at 21 years old, to be a dominant integrated development environment (IDE) for developers of C, C++, Visual Basic and C# code. It is also a popular...

    Read Article
  • Large Scale Weapon Systems Cybersecurity Threat is a Concern and Opportunity

    Large Scale Weapon Systems Cybersecurity Threat is a Concern and Opportunity

    The Government Accounting Office (GAO) was asked to review the state of the Department of Defense (DOD) weapons systems’ cybersecurity. Unfortunately, their findings were not...

    Read Article
  • The Best of Both Worlds: Aggregating Static Analysis Results from Best of Breed Tools

    The Best of Both Worlds: Aggregating Static Analysis Results from Best of Breed Tools

    Many companies are using a mix of languages and are developing different types of software from low-level drivers and firmware, to middleware and applications with elegant user...

    Read Article
  • Static Analysis Results: A Format and a Protocol: SARIF & SASP

    Static Analysis Results: A Format and a Protocol: SARIF & SASP

    Introduction Static analysis tools are now very widely used in industry, academia, and open-source, so there is an increasing need to foster their integration with other software...

    Read Article
  • Quality and Security Assurance with CodeSonar for Crank Software’s Mission Critical Multi-Platform Storyboard Suite

    Quality and Security Assurance with CodeSonar for Crank Software’s Mission Critical Multi-Platform Storyboard Suite

    Crank Software's products and services enable R&D teams and user interface (UI) designers to quickly and collaboratively develop rich, animated UIs for resource-constrained embedded...

    Read Article
  • Improving Binary Code Analysis with De-compilation

    Improving Binary Code Analysis with De-compilation

      Cyber security risk is a big worry for many people, leading to sleepless nights and baggy eyes. Your security is only as strong as your weakest link and the amount of connectivity...

    Read Article
  • C and C++ Use Continues to Grow: Emphasizes the Need for Tools to Assure Quality and Security

    C and C++ Use Continues to Grow: Emphasizes the Need for Tools to Assure Quality and Security

    A recent survey by IEEE Spectrum showed some interesting results. Python continues to lead in popularity and assembly language(!) entered the top ten for the first time. Of note, is the...

    Read Article
  • C and C++ Use Continues to Grow: Emphasizes the Need for Tools to Assure Quality and Security

    C and C++ Use Continues to Grow: Emphasizes the Need for Tools to Assure Quality and Security

    A recent survey by IEEE Spectrum showed some interesting results. Python continues to lead in popularity and assembly language(!) entered the top ten for the first time. Of note, is the...

    Read Article
  • CodeSonar 5 is released with support for C# and Visual Studio, and  vulnerability assessments

    CodeSonar 5 is released with support for C# and Visual Studio, and  vulnerability assessments

    C# Support CodeSonar 5 enters the world of .NET and C# programming, next to the existing support for C, C++ and Java. This gives CodeSonar coverage of the most popular programming...

    Read Article
  • CodeSonar 5 is released with support for C# and Visual Studio, and  vulnerability assessments

    CodeSonar 5 is released with support for C# and Visual Studio, and  vulnerability assessments

    C# Support CodeSonar 5 enters the world of .NET and C# programming, next to the existing support for C, C++ and Java. This gives CodeSonar coverage of the most popular programming...

    Read Article
  • The Dangers of Copy and Paste

    The Dangers of Copy and Paste

    INTRODUCTION: Copying and pasting code (“copy-paste”) is a primitive but very common form of software re-use. Unfortunately, this practice is fraught with dangers not least of which...

    Read Article
  • The Dangers of Copy and Paste

    The Dangers of Copy and Paste

    INTRODUCTION: Copying and pasting code (“copy-paste”) is a primitive but very common form of software re-use. Unfortunately, this practice is fraught with dangers not least of which...

    Read Article
  • Tech Preview of CodeSonar and VectorCAST Integration

    Tech Preview of CodeSonar and VectorCAST Integration

    We've built a powerful integration between GrammaTech CodeSonar and Vector Informatik VectorCAST/C++ that provides advanced static analysis within the VectorCAST/C++ environment....

    Read Article
  • loading
    Loading More...