BLOG

  • SAST Tools Must Support Your Embedded Operating Systems, Toolchains & Compilers - Choose Wisely

    Embedded software development is very close to the development platform used. Whether it’s bare metal development, commercial RTOS or embedded Linux, the tool chain is an important...

  • Announcing CodeSentry 4.2 with New Editions and Component Search

    GrammaTech’s leading binary Software Composition Technology (SCA) solution, CodeSentry, provides valuable insights to open-source software (OSS) components within your software without...

  • Top Considerations in Mastering SAST

    Actions to Introduce Application Security in DevSecOps

  • Hybrid Cloud Deployment of SAST Tools

    Meeting Resource Demands by Extending Capabilities to the Cloud. 

  • Digital Supply Chain Risk Requires Board Oversight

    Software Supply Chains bring Unwanted Risk to your Business 

  • Speeding up SAST

    Balancing Application Security Testing Results and Resources   

  • Using Binary Analysis to Hunt Down OSS Vulnerabilities

    Having an SBOM and software inventory aids in identifying 3rd-party vulnerabilities and risk 

  • Announcing CodeSonar 7.1 with Support for Hybrid Cloud Deployments and Seamless Integration into DevSecOps Pipelines

    GrammaTech CodeSonar 7.1, our static application security testing (SAST) solution, can be deployed in both on-premises and hybrid cloud models to seamlessly integrate into existing...

  • Nominations Now Open for Product Security Executive of the Year Awards!

    GrammaTech, and T.E.N., the founder of the Information Security Executive (ISE) of the Year Awards, have recently announced a new award category, the Product Security Executive (PSE) of...

  • How SBOMs Reduce Software Procurement Risk and Improve Enterprise Security

    This article was originally posted on Solution Review.

  • Log4j and the Role of SBOMs in Reducing Software Security Risk

    Recent high-profile cybersecurity incidents such as the SolarWinds attack and the Apache Log4j vulnerability have exposed the threats associated with the software supply chain. These can...

  • Top three tips for ensuring software supply chain security

    At a time when “software supply chain attack” has become a household phrase, the recent vulnerability discovered in the Apache Log4J has delivered a wake-up call to both developers and...

  • Log4j Taught Us a Valuable Lesson

    We need to know what’s in the software that is supporting our business.

  • SAST and SCA Solutions Essential to Meeting UN Regulation No. 155 for Vehicle Cybersecurity

    The World Forum for Harmonization of Vehicle Regulations (WP.29) of the United Nations Economic Commission for Europe (UNECE) is a global regulatory forum within the UNECE Inland...

  • Software Supply Chain Security Terminology

    In light of recent high profile software supply chain security issues such as the SolarWinds attack and the Log4j open source vulnerability, we found it important to identify and explain...

  • Role of SAST and SCA in ISO/SAE 21434 - Road Vehicles Cybersecurity Engineering

    As cars become more connected and complex, the amount of software needed is staggering. With 100 million lines of code being standard for current vehicles and up to 300 million for...

  • The Minefields of MISRA Coverage

    Modern static application security testing (SAST) tools are typically used for two main purposes: finding bugs, and finding violations of coding standards. The primary purpose of...

  • Accelerating Automotive Software Safety with MISRA C and SAST

    The MISRA C/C++ coding guidelines were created based on concerns about the ability to safely use the C and C++ programming languages in critical automotive systems. Since its inception...

  • Introducing MISRA C Coding Standard to an Existing Code Base

    The intent of the Motor Industry Software Reliability Association (MISRA) C coding standard was to define a subset of the C language that minimizes the possibilities of errors. Although...

  • Common Software and Application Security Terms Explained

    The software security discipline is full of terminology and it’s important to state our particular definitions for these terms in the context of GrammaTech products and our approach to...
