How To Mitigate Software Supply Chain Risk & Threat

Analyze both source code and binaries to take control of your software supply chain and eliminate the most costly and hard-to-find defects early in the development cycle.

  • Prevent Cybercrime and Insider Attacks in Your Company with Static Analysis

  • Protecting Security-Sensitive Software From Spectre

    Protection against Spectre attacks added to GrammaTech’s Cyber Hardening Services for Intel and AMD processors.

  • What's New in CodeSonar 4.5?

    INTRODUCTION: The latest release of CodeSonar, version 4.5, has updates in key areas and innovations that include detecting insider attacks, a new Python API, and compiler model...

  • Thwarting Insider Attacks with Advanced Static Analysis

    INTRODUCTION: The security threat posed by insiders is often underestimated. According to an IBM study, 32% of attackers are insiders and 24% are “inadvertent actors” (e.g. people...

  • Using CodeSonar for Software Supply Chain Risk Management

    The software supply chain is a growing concern in software development. Security, in particular, of third party software is a risk that needs to be evaluated and managed. Binary code...

  • Software Supply Chain: Risk and Reward

    INTRODUCTION: The recent interest in the so-called “software supply chain” highlights the growing importance of using and reusing existing software. Companies realize they need to buy...

  • The Advantages of Hybrid Source and Binary Static Analysis

    INTRODUCTION: GrammaTech brought unique binary code analysis to the market in 2013. Before then, the only option for binary analysis was to ship your code to specialists who would...

  • Eliminating Vulnerabilities in Third-Party Code with Binary Analysis

  • Reducing the Risk of the Software Supply Chain in Medical Devices

    INTRODUCTION: Medical devices rely on third-party and in-house existing software as needed, to meet functionality, cost, and time-to-market concerns. Although software of unknown...

  • How Vulnerable Are You?

    INTRODUCTION: The promise of static analysis is compelling but our most frequently-asked question is, "Where do we start?" Security is a top-of-mind concern, so we are also frequently...

  • Don’t trust any input! Prevent vulnerabilities from becoming exploits with tainted data analysis

    INTRODUCTION: One of the most common attack vectors is user (or other) input into a system. It's very risky to assume that input is well-formed, yet people still do, and it is still a...

  • CodeSonar's Visual Tainted Data Analysis (video, 2:32)

    CodeSonar's tainted dataflow analysis allows you to explore potentially dangerous data flows in a clear, visual way.

  • GrammaTech Adds Hardening Techniques to Software Assurance Portfolio

    Ithaca, NY — GrammaTech, a leading provider of software assurance, hardening, and cyber-security solutions, today announced the development of technologies for advanced software hardening. Most...

  • Improving Quality and Security with Binary Analysis

    INTRODUCTION: Companies serious about quality, safety, and security need to manage the risks in their supply chain, including software such as commercial off-the-shelf (COTS) and free and open...

  • Step Four: Security Assurance for IoT Devices - Assessing third party code

  • Performing a Security Audit with CodeSonar

    Inspired by a recent demonstration to a CodeSonar customer, I helped put together a 7-minute video on performing security audits with CodeSonar. Yes, I know what you're thinking... "7 minutes is...

  • Performing a Security Audit with CodeSonar (video, 7:42)

    In this tutorial, we describe how to approach security auditing, using CodeSonar.

  • The Sony Hack and Securing the Software Supply Chain

    The latest attack on Sony Pictures by malicious hackers continues to evolve as an international story line. What we know at present is that the FBI has officially blamed North Korea for the attack...
