How to Get the Most Value from Static Analysis

Identify serious defects and security vulnerabilities that can result in system crashes, unexpected behavior, and security breaches.

  • Finding Bugs is Only the Beginning

    Finding Bugs is Only the Beginning

    I sometimes describe our main commercial product, CodeSonar, as a “defect detection tool.” While this is a convenient shorthand, it ignores a lot of what CodeSonar attempts to...

    Read Article
  • Tainted Data Analysis in CodeSonar6:05

    Tainted Data Analysis in CodeSonar

    What is tainted data analysis? How can you leverage taint analysis to find anomalous or unstructured data that can be used by attackers to gain access or crash an application? The questions answered a

    Watch Video
  • ×

    Receive Monthly Updates in your Inbox

    Thank you!
    Error - something went wrong!
  • What is Taint Checking?

    What is Taint Checking?

          Taint checking? This isn't a trap, I promise. It sounds vulgar, but its etymology is perfectly reasonable, stemming from the notion...

    Read Article
  • The Advantages of Hybrid Source and Binary Static Analysis

    The Advantages of Hybrid Source and Binary Static Analysis

        INTRODUCTION: GrammaTech brought unique binary code analysis to the market in 2013. Before then, the only option for binary analysis was to ship your code to specialists who...

    Read Article
  • CodeSonar for JIRA (Plugin)

    CodeSonar for JIRA (Plugin)

     

    Read Article
  • Conquering Complex Java Concurrency Bugs with CodeSonar

    Conquering Complex Java Concurrency Bugs with CodeSonar

    This whitepaper describes the most detrimental concurrency bugs, along with how to identify and eliminate these bugs using CodeSonar.

    Read the document
  • Eliminating Vulnerabilities in Third-Party Code with Binary Analysis

    Eliminating Vulnerabilities in Third-Party Code with Binary Analysis

    Read the document
  • Measuring the Value of Static Analysis Tool Deployments

    Measuring the Value of Static Analysis Tool Deployments

    Read the document
  • Embedded Software Design: Best Practices for Static Analysis Tools

    Embedded Software Design: Best Practices for Static Analysis Tools

    Read the document
  • Finding Concurrency Errors with GrammaTech Static Analysis

    Finding Concurrency Errors with GrammaTech Static Analysis

    Read the document
  • Narrow-Solution Static Analysis Tools vs. CodeSonar4:40

    Narrow-Solution Static Analysis Tools vs. CodeSonar

    Static analysis tools range widely in scope. Narrower tools, including commercial tools like PC-lint and open-source tools like CPPcheck, can be used to find basic bugs in code, but they become apples

    Watch Video
  • How CodeSonar Compares to PC-Lint (and other similar tools)

    How CodeSonar Compares to PC-Lint (and other similar tools)

    Read the document
  • ×

    Receive Monthly Updates in your Inbox

    Thank you!
    Error - something went wrong!
  • How Static Analysis Improves Safety and Security for Multicore Platforms

    How Static Analysis Improves Safety and Security for Multicore Platforms

    INTRODUCTION: Multicore processors are ubiquitous in embedded devices but still pose a challenge for developing safety-critical and security-critical devices. True concurrency offered by...

    Read Article
  • Software Assurance and Software Hardening3:57

    Software Assurance and Software Hardening

    Source code analysis, binary code analysis, tainted data analysis, sophisticated multicore analyses, and more. Learn about GrammaTech's unique software assurance and software hardening solutions.

    Watch Video
  • Making Safety-Critical Software Development Affordable with Static Analysis

    Making Safety-Critical Software Development Affordable with Static Analysis

    Read the document
  • How Static Analysis Can Accelerate Software Safety Certification

    How Static Analysis Can Accelerate Software Safety Certification

      INTRODUCTION: Software safety certification is both an old and new reality in the embedded systems world. Developers of devices such as avionics systems have been using strict DO-178A/B/C...

    Read Article
  • Using Benchmarks to Assess Static Analysis Tools

    Using Benchmarks to Assess Static Analysis Tools

        Researchers from Toyota recently published a paper entitled "Test Suites for Benchmarks of Static AnalysisTools" at the 26th IEEE International Symposium on Software Reliability Engineering...

    Read Article
  • How Does CodeSonar Find More Bugs?1:32

    How Does CodeSonar Find More Bugs?

    GrammaTech's VP of Engineering, Paul Anderson, describes CodeSonar's static analysis engine.

    Watch Video
  • Detecting Domain-Specific Coding Errors with Static Analysis

    Detecting Domain-Specific Coding Errors with Static Analysis

    Read the document
  • The ROI of Static Analysis in Safety-Critical Software Development

    The ROI of Static Analysis in Safety-Critical Software Development

    INTRODUCTION: As stated in my previous post, safety-critical software is expensive to develop and static analysis tools are highly recommended by both certification standards and practitioners in...

    Read Article
  • loading
    Loading More...