Hybrid Cloud Deployment of SAST Tools
Meeting Resource Demands by Extending Capabilities to the Cloud.
Read Article
Digital Supply Chain Risk Requires Board Oversight
Software Supply Chains bring Unwanted Risk to your Business
Read Article
Speeding up SAST
Balancing Application Security Testing Results and Resources
Read Article
Using Binary Analysis to Hunt Down OSS Vulnerabilities
Having an SBOM and software inventory aids in identifying 3rd-party vulnerabilities and risk
Read Article
Announcing CodeSonar 7.1 with Support for Hybrid Cloud Deployments and Seamless Integration into DevSecOps Pipelines
GrammaTech CodeSonar 7.1, our static application security testing (SAST) solution, can be deployed in both on-premises and hybrid cloud models to seamlessly integrate into existing...
Read Article
Nominations Now Open for Product Security Executive of the Year Awards!
GrammaTech and T.E.N., the founder of the Information Security Executive (ISE) of the Year Awards, have recently announced a new award category, the Product Security Executive (PSE) of...
Read Article
How SBOMs Reduce Software Procurement Risk and Improve Enterprise Security
This article was originally posted on Solution Review.
Read Article
Log4j and the Role of SBOMs in Reducing Software Security Risk
Recent high-profile cybersecurity incidents such as the SolarWinds attack and the Apache Log4j vulnerability have exposed the threats associated with the software supply chain. These can...
Read Article
Top three tips for ensuring software supply chain security
At a time when “software supply chain attack” has become a household phrase, the recent vulnerability discovered in Apache Log4j has delivered a wake-up call to both developers and...
Read Article
Log4j Taught Us a Valuable Lesson
We need to know what’s in the software that is supporting our business.
Read Article
SAST and SCA Solutions Essential to Meeting UN Regulation No. 155 for Vehicle Cybersecurity
The World Forum for Harmonization of Vehicle Regulations (WP.29) of the United Nations Economic Commission for Europe (UNECE) is a global regulatory forum within the UNECE Inland...
Read Article
Software Supply Chain Security Terminology
In light of recent high profile software supply chain security issues such as the SolarWinds attack and the Log4j open source vulnerability, we found it important to identify and explain...
Read Article
Role of SAST and SCA in ISO/SAE 21434 - Road Vehicles Cybersecurity Engineering
As cars become more connected and complex, the amount of software needed is staggering. With 100 million lines of code being standard for current vehicles and up to 300 million for...
Read Article
The Minefields of MISRA Coverage
Modern static application security testing (SAST) tools are typically used for two main purposes: finding bugs, and finding violations of coding standards. The primary purpose of...
Read Article
Accelerating Automotive Software Safety with MISRA C and SAST
The MISRA C/C++ coding guidelines were created based on concerns about the ability to safely use the C and C++ programming languages in critical automotive systems. Since its inception...
Read Article
Introducing MISRA C Coding Standard to an Existing Code Base
The intent of the Motor Industry Software Reliability Association (MISRA) C coding standard was to define a subset of the C language that minimizes the possibilities of errors. Although...
Read Article
Common Software and Application Security Terms Explained
The software security discipline is full of terminology and it’s important to state our particular definitions for these terms in the context of GrammaTech products and our approach to...
Read Article
Calculating the ROI of SAST in DevSecOps for Embedded Software
With the increasing reliance on software driving critical functionality in all types of products such as industrial controls, medical devices, automotive sensors, flight control systems...
Read Article
How To Address Digital Supply Chain Vulnerabilities
Most organizations do everything they can to manage third-party risks associated with their vendors, agents, resellers and partners. However, a couple of supply chain components are...
Read Article
Coming to Security Mandate Near You: SBOMs
The recent executive order will expand what companies must disclose to the government when a data breach occurs. Like the California Consumer Privacy Act (CCPA), these new rules will...
Read Article